dev #20260428

README.md

@@ -6,13 +6,10 @@ This toolkit allows you to manage a personal PKI through various bash scripts.
 - Linux environment
   - Rocky Linux 10
   - Redhat 10
-- Packages
-  - sqlite
-  - litecli sqlite text client (`pip3 install litecli`)  
-Not essential for the tools to work, but could be handy
+
 ## Installation
 ```bash
-git clone https://gitweb.dyndns.org/scripts/own-ski.git
+git clone https://gitweb.dyndns.org/scripts/own-pki.git
 ```
 ```bash
 sudo ./install.sh
@@ -20,25 +17,24 @@ sudo ./install.sh
 
 ## Configuration
 ### Config file
-
-### Database
-```bash
-./create-db.sh
-```
+Edit configuration file `/etc/own-pki/own-pki.conf`
 ## Tools list
 | Name | Description |
 | :--- | :--- |
-| install.sh | install toolbox own pki |
-| create-ca.sh | create a Certificate Authority (CA) |
-
+| `install.sh` | install toolbox own pki |
+| `create-ca.sh` | create a Certificate Authority (CA) |
+| `generate-cert.sh` | generate a certificat |
+| `info-cert.sh` | display certificate info |
+| `remove-cert.sh` | remove a certificate |
+| `renew-cert.sh` | recertify a certificate |
 
 ## Sources
-- https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html
+- [OpenSSL Certificate Authority](https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html)
 
 ## Changelog
 ### [1.0.0] - 2026-04-18
 #### Added
-- 
+- scripts
 #### Project initialization
 - initialized by [GMo](mailto:gilles.mouchet@geneve.ch)
 

config/own-pki.conf

@@ -1,53 +1,40 @@
 # Enables colorization (true) or disables it (false)
-#ENABLE_COLOR=true
+ENABLE_COLOR=true
 
 # Default number of days for the certificate's validity
 # This can be overridden with the `-t or --days` option
 # when running the script.
-#DAYS=365
+DAYS=365
 
-# Variables to use for create ca-config file
+# Variables to use for create CA
 # Country Name (2 letter code)
-#COUNTRY_NAME=CH
+COUNTRY_NAME=CH
 
 # State or province name (full name)
-#STATE_OR_PROVINCE_NAME=Vaud
+STATE_OR_PROVINCE_NAME=Vaud
 
 # Locality name (eg, city)
-#LOCALITY_NAME=Nyon
+LOCALITY_NAME=Nyon
 
 # Organization name (eg, company)
-#ORGANIZATION_NAME="GMO Lab (gmolab)"
+ORGANIZATION_NAME="GMO Lab (gmolab)"
 
 # Organizational Unit Name (eg, section)
-#ORGANIZATIONAL_UNIT_NAME="ITCS (Information Technology and Communications Service)"
+ORGANIZATIONAL_UNIT_NAME="ITCS (Information Technology and Communications Service)"
 
 # NOT USE. SET WITH PARAM -n from create-ca.sh script
 # Common Name (eg, YOUR name)
-#COMMON_NAME="GMOLab CA"
+COMMON_NAME="GMOLab CA"
 
 # Email address
-#EMAIL_ADDRESS=example@example.com
+EMAIL_ADDRESS=example@example.com
 
 # Debug
 # false = debug inactive
 # true = debug active
-#DEBUG=false
+DEBUG=false
 
 # Automatically answers yes to the questions
 # 0 = Ask confirmation
 # 1 = does not ask confirmation
-#ASSUME_YES=0
-
-# If you change a path below, you must run 'sudo ./install.sh --reload-conf'.
-# Path to certificate files
-#CERTS_PATH=/var/lib/own-pki/certs
-
-# Path to the certificate authority's private key file
-#KEY_CA_PATH=/var/lib/ca/key
-
-# Path to the certificate authority's public key file
-#CRT_CA_PATH=/var/lib/ca/crt
-
-# Path to pki scripts
-#BIN_PATH=/opt/own-pki
+ASSUME_YES=0

tests/random-cert.sh

@@ -1,8 +1,30 @@
-#/bin/bash
-
-
+#!/bin/bash
+#############################################################
+# Script name: random-cert.sh
+# Author: Gilles Mouchet (gilles.mouchet@gmail.com
+# Version: v1beta 2026-04-28
+# Description: Generation certificates randomly
+# License: CC BY-NC 4.0 (https://creativecommons.org/licenses/by-nc/4.0/)
+#
+# This script is provided "as is", WITHOUT ANY WARRANTY OF ANY KIND.
+# Commercial use is strictly prohibited without prior authorization.
+#
+# Changelog
+# [1.0.0] - 2026-04-28
+# Added:
+#   - generation certificates randomly
+# Project initialization
+#   - initialization by gilles.mouchet@gmail.com
+#
+############################################################
+#
 version=1.0.0
 
+############################################################
+# FUNCTIONS
+############################################################
+#-----------------------------------------------------------
+# Display usage
 usage() {
     cat << EOF
 Usage: sudo ./$(basename "$0") options
@@ -18,7 +40,8 @@ Options:
             Show script version
 EOF
 }
-
+#-----------------------------------------------------------
+# Create a temporary certificate authority
 create_tempo_ca(){
     if [ ! -f "${CRT_CA_PATH}/${CA_CRT}" ]; then
         echo "Creation of a temporary CA"
@@ -43,7 +66,8 @@ create_tempo_ca(){
         chmod 444 $CRT_CA_PATH/$CA_CRT
     fi
 }
-
+#-----------------------------------------------------------
+# Generate certificate
 generate_cert() {
     local CA_CRT=""
     local CA_KEY=""
@@ -117,8 +141,8 @@ EOF
     echo -n "Result of certificate signing: "    
     check_rc $rc
 }
-
-# Fonction pour générer un FQDN
+#-----------------------------------------------------------
+# generates a random FQDN
 gen_fqdn() {
     local sub_len=$((RANDOM % 8 + 3))
     local name_len=$((RANDOM % 13 + 3))
@@ -130,13 +154,13 @@ gen_fqdn() {
 
     echo "tempo-${sub}.${name}.${tld[$((RANDOM % ${#tld[@]}))]}"
 }
-
-# Fonction IP
+#-----------------------------------------------------------
+# generates a random IP
 gen_ip() {
     echo "$((RANDOM % 256)).$((RANDOM % 256)).$((RANDOM % 256)).$((RANDOM % 256))"
 }
-
-# Liste (fqdn ou ip)
+#-----------------------------------------------------------
+# list (fqdn or ip)
 gen_list() {
     local type=$1
     local count=$((RANDOM % 3 + 3))
@@ -237,11 +261,5 @@ EOF
             ;;
        esac
     done
-
-
-
-
-
-
 }
 main "$@"