diff options
| -rw-r--r-- | request_cert.sh | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/request_cert.sh b/request_cert.sh index 9ddf042..7a44884 100644 --- a/request_cert.sh +++ b/request_cert.sh @@ -17,7 +17,8 @@ set -eu if [ -z "${VAULT_TOKEN-}" ]; then read -p USER: LDAPUSER read -s -p PASSWORD: LPDAPASSWD - VAULT_TOKEN=$( curl -s -X POST -H "Content-Type: application/json" -d "{ \"password\": \"$LPDAPASSWD\"}" https://vault.dings:8200/v1/auth/ldap/login/$LDAPUSER | jq -r ".auth.client_token" ) + login_request_data=$(jq -c -n --arg password "$LDAPUSER" '{$password}' + VAULT_TOKEN=$( curl -s -X POST -H "Content-Type: application/json" -d "$login_request_data" https://vault.dings:8200/v1/auth/ldap/login/$LDAPUSER | jq -r ".auth.client_token" ) echo $VAULT_TOKEN fi @@ -29,14 +30,15 @@ fi if [ "$1" == "-s" ]; then CN=$2 - DATA=$( curl -s --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data "{ \"common_name\": \"$CN\", \"ttl\": \"90d\" }" https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv ) + cert_request_data=$(jq -c -n --arg common_name "$CN" --arg ttl 90d '{$common_name,$ttl}' + DATA=$( curl -s --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data "$cert_request_data" https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv ) else CN=$( cat $1 | jq -r ".common_name" ) DATA=$( curl -s --header "X-Vault-Token: $VAULT_TOKEN" --request POST --data @$1 https://vault.dings:8200/v1/pki_rz_q-ca_2021aa/issue/rz-drv ) fi [ -d $CN ] && rm -r $CN -mkdir $CN || exit 1 +mkdir $CN echo $DATA > $CN/$CN.json echo $DATA | jq -r '.data.certificate' > $CN/$CN.cer |