X-Git-Url: https://robinkrens.nl/gitweb/?p=x509-shell-scripts;a=blobdiff_plain;f=server-certificate.sh;fp=server-certificate.sh;h=0d79a0a26eb4ff284790e3069e8603a911a3f12f;hp=e3c5995a3cd9aa7a2877848991221947604bc7aa;hb=e04860b438ee646fedbaa035dbc82e2642855710;hpb=43e9f0ef06471c389dc706d9ecbcb18a40d3c8b1

diff --git a/server-certificate.sh b/server-certificate.sh
index e3c5995..0d79a0a 100755
--- a/server-certificate.sh
+++ b/server-certificate.sh
@@ -1,3 +1,13 @@
+#!/bin/bash
+
+# create host key signed by CA
+# presumes standard directory of strongswan 
+
+VPN_COUNTRY="AUS"
+VPN_IP_ADDRESS="45.32.241.182"
+VPN_NAME="ROB-VPN-AUS"
+
+echo "Entering strongswan config directory..."
 cd /etc/strongswan/ipsec.d/
 strongswan pki --gen --type rsa --size 2048 \
 	--outform pem \
@@ -7,7 +17,7 @@ strongswan pki --pub --in private/vpnHostKey.pem --type rsa | \
 	strongswan pki --issue --lifetime 730 \
 	--cacert cacerts/strongswanCert.pem \
 	--cakey private/strongswanKey.pem \
-	--dn "C=JP, O=ROB-VPN-JP, CN=207.148.98.140" \
-	--san 207.148.98.140 \
+	--dn "C=$VPN_COUNTRY, O=$VPN_NAME, CN=$VPN_IP_ADDRESS" \
+	--san $VPN_IP_ADDRESS \
 	--flag serverAuth --flag ikeIntermediate \
 	--outform pem > certs/vpnHostCert.pem