Skip to content

Instantly share code, notes, and snippets.

@kevinzhow
kevinzhow / ocserv
Created March 20, 2014 11:15
ocserv 启动脚本
#!/bin/sh
### BEGIN INIT INFO
# Provides: ocserv
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
# Copyright Rene Mayrhofer, Gibraltar, 1999
# This script is distibuted under the GPL
@bao3
bao3 / cert-client.sh
Created October 6, 2014 08:31
这是几个用来签发证书的脚本,请注意这需要你安装了gnutls才可以,主要当时是为了ocserv而写,纯偷懒。基本上,你只要用 ./cert-client.sh you-user-name 这种格式,就可以自动生成 you-user-name-key.pem/ your-user-name-cert.pem /your-user-name.p12
#! /bin/sh
#! /usr/bin/expect -f
certtool --generate-privkey --outfile $1-key.pem
sed -i "1ccn = "${1}"" client.tmpl
sed -i "3cemail = ${1}@abc.org" client.tmpl
certtool --generate-certificate --load-privkey $1-key.pem --load-ca-certificate ca-cert.pem --load-ca-privkey ca-key.pem --template client.tmpl --outfile $1-cert.pem
openssl pkcs12 -export -inkey $1-key.pem -in $1-cert.pem -name "$1 VPN Client Cert" -certfile ca-cert.pem -out $1.cert.p12