removecert
Revised: 2006-09-22 richard
Introduction
This script assists in revoking certs and cleaning up the directories for use with radmind.
Script
removecert#!/usr/bin/perl -w
# removecert
# a script to assist in revoking certs and cleaning up
# the directories for use with radmind
# run it as root
# usage: removecert hostname
#
# Greg Neagle, Walt Disney Feature Animation
use strict;
# you'll need to change $domain to match your environment,
# or set it to "" if you aren't using DNS names with radmind
my $domain = ".fas.fa.disney.com";
my $ca_password = "(INSERT CA KEY PASSPHRASE HERE)";
my $hostname = $ARGV[0];
if ($hostname) {
my @hostparts = split /\./, $hostname;
my $shorthostname = $hostparts[0];
my $ca_dir = "/var/radmind/CA";
my $special_dir = "/var/radmind/special";
if (-d "$special_dir/$shorthostname$domain" ) {
`openssl ca -batch -key $ca_password -config $ca_dir/openssl.cnf -revoke "$special_dir/$shorthostname/private/var/radmind/cert/cert.pem"`;
`rm -rf "$special_dir/$shorthostname"`;
if ($domain) {
`rm -rf "$special_dir/$shorthostname$domain"`;
}
} else {
print "No certificate found for $hostname.\n";
}
}