die "Secret/CA/easyrsa: not an executable\n"
if ! -x "Secret/CA/easyrsa";
die "Secret/CA/pki/: already exists\n" if -e "Secret/CA/pki";
+
+ umask 077;
mysystem "cd Secret/CA; ./easyrsa init-pki";
mysystem "cd Secret/CA; ./easyrsa build-ca nopass";
# Common Name: small.example.org
" --batch --quick-generate-key --passphrase ''",
" root\@core.$pvt");
mysystem ("gpg --homedir Secret/root.gnupg",
- " --export --armor --output root-pub.pem",
+ " --export --armor --output Secret/root-pub.pem",
" root\@core.$pvt");
chmod 0440, "root-pub.pem";
mysystem ("gpg --homedir Secret/root.gnupg",
- " --export-secret-key --armor --output root-sec.pem",
+ " --export-secret-key --armor --output Secret/root-sec.pem",
" root\@core.$pvt");
chmod 0400, "root-sec.pem";
die "Secret/CA/easyrsa: not an executable\n"
if ! -x "Secret/CA/easyrsa";
die "Secret/CA/pki/: already exists\n" if -e "Secret/CA/pki";
+
+ umask 077;
mysystem "cd Secret/CA; ./easyrsa init-pki";
mysystem "cd Secret/CA; ./easyrsa build-ca nopass";
# Common Name: small.example.org
" --batch --quick-generate-key --passphrase ''",
" root\@core.$pvt");
mysystem ("gpg --homedir Secret/root.gnupg",
- " --export --armor --output root-pub.pem",
+ " --export --armor --output Secret/root-pub.pem",
" root\@core.$pvt");
chmod 0440, "root-pub.pem";
mysystem ("gpg --homedir Secret/root.gnupg",
- " --export-secret-key --armor --output root-sec.pem",
+ " --export-secret-key --armor --output Secret/root-sec.pem",
" root\@core.$pvt");
chmod 0400, "root-sec.pem";