X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;ds=sidebyside;f=utilities%2Fovs-pki.in;h=39d5782e03c0174c57585805536c26f61eec5d26;hb=e328faadc42cb835b1adf1ef4d77a42c76b52f3f;hp=15ac17b924aa952875a478a285197bd5b4959eeb;hpb=064af42167bf4fc9aaea2702d80ce08074b889c0;p=openvswitch

diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in
index 15ac17b9..39d5782e 100755
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -1,5 +1,19 @@
 #! /bin/sh
 
+# Copyright (c) 2008, 2009 Nicira Networks, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 set -e
 
 pkidir='@PKIDIR@'
@@ -179,6 +193,9 @@ if test "$command" = "init"; then
         openssl dsaparam -out dsaparam.pem $bits 1>&3 2>&3
     fi
 
+    # Get the current date to add some uniqueness to this certificate
+    curr_date=`date +"%Y %b %d %T"`
+
     # Create the CAs.
     for ca in controllerca switchca; do
         echo "Creating $ca..." >&2
@@ -198,9 +215,9 @@ if test "$command" = "init"; then
             cp ../dsaparam.pem .
         fi
 
-    # Write CA configuration file.
+        # Write CA configuration file.
         if test ! -e ca.cnf; then
-            sed "s/@ca@/$ca/g" > ca.cnf <<'EOF'
+            sed "s/@ca@/$ca/g;s/@curr_date@/$curr_date/g" > ca.cnf <<'EOF'
 [ req ]
 prompt = no
 distinguished_name = req_distinguished_name
@@ -211,7 +228,7 @@ ST = CA
 L = Palo Alto
 O = Open vSwitch
 OU = @ca@
-CN = Open vSwitch @ca@ CA Certificate
+CN = OVS @ca@ CA Certificate (@curr_date@)
 
 [ ca ]
 default_ca = the_ca
@@ -254,7 +271,7 @@ EOF
             -newkey $newkey -keyout private/cakey.pem -out careq.pem \
             1>&3 2>&3
         openssl ca -config ca.cnf -create_serial -out cacert.pem \
-            -days 1095 -batch -keyfile private/cakey.pem -selfsign \
+            -days 2191 -batch -keyfile private/cakey.pem -selfsign \
             -infiles careq.pem 1>&3 2>&3
         chmod 0700 private/cakey.pem