root/zertifizierung
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9 Commits 1 Branch 0 Tags
dd10546688fe8567e878dc106545fbc5d61a80f4
Commit Graph

2 Commits

Author SHA1 Message Date
root
44850efcd2 feat: complete IP address in SAN support 
Changes:
- generate-csr.sh: Auto-detects target IP via SSH or DNS
- sign-cert.sh: Preserves SAN extensions including IP addresses
- Uses UCS CA password file for automated signing
- Fixes IP Address: -> IP: format conversion for OpenSSL compatibility

Benefits:
 Access services via https://10.0.0.50:8006 without warnings
 Access via https://hostname:8006 also works
 Single certificate for all access methods
 Browser shows secure connection for both methods

Technical details:
- Extracts SAN from CSR and applies via -extfile
- Uses 'openssl x509 -req' with -passin file:/etc/univention/ssl/password
- Preserves all DNS names and IP addresses in signed certificate
 2025-10-23 09:32:50 +02:00
root
576e7de917 Initial commit: Certificate management tools 
- cert-manager.py: Interactive certificate lifecycle management
- generate-csr.sh: Generate CSR on remote host
- sign-cert.sh: Sign certificate with UCS CA
- README.md: Complete documentation
- .gitignore: Ignore certificate and config files

Features:
- Interactive prompts with default values
- Config persistence between runs
- Remote CSR generation with proper server extensions
- Automated CA signing
- Optional certificate deployment
 2025-10-23 08:11:35 +02:00