Register
It is currently Sat Aug 02, 2014 12:34 am

crl by name


All times are UTC - 6 hours


Post new topic Reply to topic  [ 2 posts ] 
Author Message
 PostPosted: Fri Oct 15, 2010 8:29 am   

Joined: Fri Oct 15, 2010 8:26 am
Posts: 1
Using Debian Lenny with bash:
I have an easy-rsa setup that gererates certifcates. I can revoke them and over time the revoke list is getting a bit to large to "just see" which
certificates have been revoked.
The normal listing command lists just the serial numbers, I want the common names of the certificates. I'm almost there using a simple script but... now I'm stuck.

cd /root/easy-rsa/1.0
. vars
./list-crl crl.pem | grep "Serial Number:" | cut -c20-21 > /root/crlserial
For each line in crlserial do
grep "Subject:" keys/$1.pem | cut -d, -f5

Output:
CN=m.derooy/emailAddress=helpdesk@tio.nl
etc.


How do I do the line:
For each line in crlserial do (the $1 in the next line is an indication where the parameter needs to go)
The crlserial file has one serial number per line like
0D
15
23
etc.

If it's easier to make it all just a one-liner script not involving a temp file... no problem, even better.


Top
 Profile  
 PostPosted: Mon Oct 18, 2010 5:00 am   
Moderator
User avatar

Joined: Thu Oct 11, 2007 7:12 am
Posts: 229
Location: London - UK
Code:
for iserial in $(./list-crl crl.pem | grep "Serial Number:" | cut -c20-21)
do
  grep "Subject:" keys/${iserial}.pem | cut -d, -f5
done


I use the command to generate the serial numbers in a $(...) subshell and the for loop iterates over them.

I hope that helps


Top
 Profile  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 6 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron


BashScripts | Promote Your Page Too
Powered by phpBB © 2011 phpBB Group
© 2003 - 2011 USA LINUX USERS GROUP