removecert

#!/usr/bin/perl -w

# removecert
# a script to assist in revoking certs and cleaning up
# the directories for use with radmind
# run it as root
# usage: removecert hostname
#
# Greg Neagle, Walt Disney Feature Animation

use strict;

# you'll need to change $domain to match your environment,
# or set it to "" if you aren't using DNS names with radmind
my $domain = ".fas.fa.disney.com";
my $ca_password = "(INSERT CA KEY PASSPHRASE HERE)";

my $hostname = $ARGV[0];
if ($hostname) {
   my @hostparts = split /\./, $hostname;
   my $shorthostname = $hostparts[0];

   my $ca_dir = "/var/radmind/CA";
   my $special_dir = "/var/radmind/special";
   
   if (-d "$special_dir/$shorthostname$domain" ) {
      `openssl ca -batch -key $ca_password -config $ca_dir/openssl.cnf -revoke "$special_dir/$shorthostname/private/var/radmind/cert/cert.pem"`;
      `rm -rf "$special_dir/$shorthostname"`;
      if ($domain) {
         `rm -rf "$special_dir/$shorthostname$domain"`;
      }
   } else {
      print "No certificate found for $hostname.\n";
   }
}