Update user prompts for CSR details in script

Joerg Heinemann 2026-02-11 16:40:33 +01:00 committed by GitHub
parent 667ba8a2f3
commit 69d44dddfa
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -241,33 +241,41 @@ PROVISIONER_PASSWORD=$(step path)/encryption/provisioner.pwd
while true; while true;
do do
FQDN=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step ca certificate options" --inputbox 'FQDN (e.g. MyLXC.example.com)' 10 50 "$FQDN" 3>&1 1>&2 2>&3) FQDN=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --inputbox 'FQDN (e.g. MyLXC.example.com)' 10 50 "$FQDN" 3>&1 1>&2 2>&3)
IP=$(dig +short $FQDN) IP=$(dig +short $FQDN)
if [[ -z "$IP" ]]; then if [[ -z "$IP" ]]; then
echo "Resolution failed for $FQDN" echo "Resolution failed for $FQDN"
exit exit
fi fi
HOST=$(echo $FQDN | awk -F'.' '{print $1}') HOST=$(echo $FQDN | awk -F'.' '{print $1}')
IP=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step ca certificate options" --inputbox 'IP (e.g. x.x.x.x)' 10 50 "$IP" 3>&1 1>&2 2>&3) IP=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --inputbox 'IP (e.g. x.x.x.x)' 10 50 "$IP" 3>&1 1>&2 2>&3)
HOST=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step ca certificate options" --inputbox 'HOST (e.g. MyHostName)' 10 50 "$HOST" 3>&1 1>&2 2>&3) HOST=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --inputbox 'HOST (e.g. MyHostName)' 10 50 "$HOST" 3>&1 1>&2 2>&3)
VALID_TO=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step ca certificate options" --inputbox 'VALID_TO (e.g. 2034-01-31T00:00:00Z)' 10 50 "2034-01-31T00:00:00Z" 3>&1 1>&2 2>&3) SAN=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --inputbox 'Subject Alternative Name(s) (SANs) (e.g. myapp-1.example.com, myapp-2.example.com)' 10 50 "$SAN" 3>&1 1>&2 2>&3)
VALID_TO=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --inputbox 'VALID_TO (e.g. 2034-01-31T00:00:00Z)' 10 50 "2034-01-31T00:00:00Z" 3>&1 1>&2 2>&3)
if whiptail_yesno=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "step ca certificate options" --yesno "Continue with below?\n if whiptail_yesno=$(whiptail --backtitle "Proxmox VE Helper Scripts" --title "Certificate Signing Request (CSR)" --yesno "Continue with below?\n
HOST: $HOST
IP: $IP
FQDN: $FQDN FQDN: $FQDN
Hostname: $HOST
IP Address: $IP
Subject Alternative Name(s) (SANs): $SAN
VALID_TO: $VALID_TO" --no-button "Change" --yes-button "Continue" 15 70 3>&1 1>&2 2>&3); then VALID_TO: $VALID_TO" --no-button "Change" --yes-button "Continue" 15 70 3>&1 1>&2 2>&3); then
break break
fi fi
done done
SAN="$FQDN, $HOST, $IP, $SAN"
IFS=', ' read -r -a array <<< "$SAN"
for element in "${array[@]}"
do
SAN_ARRAY+=(--san "$element")
done
step ca certificate $FQDN $StepCertDir/$FQDN.crt $StepCertDir/$FQDN.key \ step ca certificate $FQDN $StepCertDir/$FQDN.crt $StepCertDir/$FQDN.key \
--provisioner-password-file=$PROVISIONER_PASSWORD \ --provisioner-password-file=$PROVISIONER_PASSWORD \
--not-after=$VALID_TO \ --not-after=$VALID_TO \
--san $FQDN \ "${SAN_ARRAY[@]}" \
--san $HOST \
--san $IP \
&& step certificate inspect $StepCertDir/$FQDN.crt \ && step certificate inspect $StepCertDir/$FQDN.crt \
|| echo "Failed to request certificate"; exit || echo "Failed to request certificate"; exit
EOF EOF
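Review bot: The new SAN loop (from `SAN="$FQDN, $HOST, $IP, $SAN"` through `SAN_ARRAY+=(--san "$element")`) hands every token of the free-text whiptail field to `step ca certificate` unchecked, and each token becomes a name the issued certificate vouches for. `SAN_ARRAY` is also appended to without being initialised, so any pre-existing value would carry over, and `read` stops at the first newline, so a multi-line `$IP` (which `dig +short` can return when there are several records) would silently drop the SANs the user typed. I would reset the array, check each element against a hostname/IP character set before adding it, and stop on anything else, as sketched below; the pattern needs widening if wildcard names are wanted. The here-document closed by `EOF` starts outside this hunk.

```shell
# … unchanged: whiptail prompts and confirmation loop …
SAN_ARRAY=()
# collapse newlines so a multi-line $IP cannot cut the list short
SAN_LIST=$(printf '%s, %s, %s, %s' "$FQDN" "$HOST" "$IP" "$SAN" | tr '\n' ' ')
IFS=', ' read -r -a array <<< "$SAN_LIST"
for element in "${array[@]}"
do
  # only letters, digits, dots, colons (IPv6) and hyphens; no leading or trailing punctuation
  if [[ "$element" =~ ^[A-Za-z0-9]([A-Za-z0-9.:-]*[A-Za-z0-9])?$ ]]; then
    SAN_ARRAY+=(--san "$element")
  else
    echo "Invalid SAN entry: $element" >&2
    exit 1
  fi
done
# … unchanged: step ca certificate call using "${SAN_ARRAY[@]}" …
```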