Generating Certificate scripts

Discussion in 'Technical' started by dhonnoll78, Dec 1, 2007.

  1. dhonnoll78

    dhonnoll78 New Member

    I have a few scripts that can't quite generate my encryption certificates to be able to start my Radius Server.
    Script one: CA.server
    Here is what my script is complaining about:
    [root@nicaragua raddb]# ./CA.server nicaragua
    ./CA.server: line 2: syntax error near unexpected token `newline'
    ./CA.server: line 2: `KEYGEN=<span class="comment hl">(/usr/sbin/dns-genkey)</span>'
    Here is the script itself. Any ideas?
    OPENSSL=/usr/bin/openssl
    KEYGEN=<span class="comment hl">(/usr/sbin/dns-genkey)</span>
    PASSDIR=/pass/server-name.pass
    DERDIR=der
    P12DIR=p12
    PEMDIR=pem
    VALIDFOR=365

    SNAME=$1
    PASSWD=$2
    ROOTPASSWD=$3

    mkdir -p $PEMDIR $P12DIR $DERDIR $PASSDIR

    if [ -z "${SNAME}" ]; then
        echo "WARNING: server name not specified. Using \"server\"."
        SNAME=server
    fi

    if [ -z "${PASSWD}" ]; then
        echo "No password specified, trying $PASSDIR/$SNAME.pass."
        if [ -a $PASSDIR/$SNAME.pass ]; then
            PASSWD=`cat $PASSDIR/$SNAME.pass`
        else
            echo "Not found. Generating password, see $PASSDIR/$SNAME.pass for contents."
            PASSWD=`$KEYGEN | head -c 32`
            cat /dev/null > $PASSDIR/$SNAME.pass
            echo $PASSWD >> $PASSDIR/$SNAME.pass
        fi
    fi

    if [ -z "${ROOTPASSWD}" ]; then
        echo "No root password specified, trying $PASSDIR/root.pass."
        if [ -a $PASSDIR/root.pass ]; then
            ROOTPASSWD=`cat $PASSDIR/root.pass`
        else
            echo "FATAL: No root certification password."
            exit 1
        fi
    fi

    $OPENSSL req -new -keyout $PEMDIR/newreq.pem -out $PEMDIR/newreq.pem -passin \
    pass:$PASSWD -passout pass:$PASSWD
    $OPENSSL ca -policy policy_anything -out $PEMDIR/newcert.pem -key $ROOTPASSWD \
    -extensions xpserver_ext -extfile xpextensions -days $VALIDFOR -infiles $PEMDIR/newreq.pem
    $OPENSSL pkcs12 -export -in $PEMDIR/newcert.pem -inkey $PEMDIR/newreq.pem -out \
    $P12DIR/$SNAME.p12 -clcerts -passin pass:$PASSWD -passout pass:$PASSWD
    $OPENSSL pkcs12 -in $P12DIR/$SNAME.p12 -out $PEMDIR/$SNAME.pem -passin \
    pass:$PASSWD -passout pass:$PASSWD
    $OPENSSL x509 -inform PEM -outform DER -in $PEMDIR/$SNAME.pem -out $DERDIR/$SNAME.der

    rm -rf $PEMDIR/newcert.pem $PEMDIR/newreq.pem
     
  2. gregp

    gregp New Member

    Try to escape all kinds of <>"\ and other symbols with \
    Otherwise, try to enclose the string in single quotes.

    Did you actually copy the script from a webpage? Then remove all tags and it will work.
     
  3. dhonnoll78

    dhonnoll78 New Member

    I did copy it from a web page and was able to add \ to the end of lines 2 and 3, and it ran. The problem now is that it will generate a certificate, but when it comes to importing it to the file it needs to be in, it can't. The problem with that is it is FreeRADIUS, which (as I understand it) only reads the first 30-some-odd characters. Have you ever set up a FreeRADIUS server?
     
  4. gregp

    gregp New Member

    Make sure that line #2 looks like:

    KEYGEN=/usr/sbin/dns-genkey

    Afterwards, run this script and see that all cert files are generated as required.
    Make sure that PASSDIR exists and you pass all required parameters.

    If needed, repost your script and the results of the invocation.
     
  5. dhonnoll78

    dhonnoll78 New Member

    Did that

    Okay, I tried that, and here is the output:
    [root@nicaragua raddb]# ./CA.root
    ./CA.root: line 2: span: No such file or directory
    ./CA.root: process substitution: line 2: syntax error near unexpected token `newline'
    ./CA.root: process substitution: line 2: `/etc/pki/tls/misc/<span class="filename">CA.pl</span>'
    mkdir: `/pass/root.pass' exists but is not a directory
    No root password specified, trying /pass/root.pass/root.pass.
    Not found. Generating password, see /pass/root.pass/root.pass for contents.
    ./CA.root: line 20: /pass/root.pass/root.pass: Not a directory
    ./CA.root: line 21: /pass/root.pass/root.pass: Not a directory
    Generating a 1024 bit RSA private key
    .....................++++++
    ......................++++++
    writing new private key to '/pem/newreq.pem'
    28397:error:0906906F:PEM routines:PEM_ASN1_write_bio:read key:pem_lib.c:331:
    ./CA.root: line 29: -newca: command not found
    unable to load private key
    28402:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
    unable to load certificate
    28403:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE
    [root@nicaragua raddb]#
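
The errors in this thread come from HTML markup left in scripts that were pasted from a web page. As an added example (not part of any post above and not the scripts' own code), this pre-flight check flags leftover tags and runs a parse-only syntax check before a pasted script is executed as root. The function names are hypothetical and the sample files are constructed from the `KEYGEN` line quoted in the thread.

```shell
#!/bin/sh
# Added example: pre-flight check for a script pasted from a web page.
# Function names are hypothetical; sample files below are constructed.

# Closing tag, opening tag with an attribute, or a common HTML entity.
MARKUP_RE='</[A-Za-z][A-Za-z0-9]*>|<[A-Za-z][A-Za-z0-9]*[[:space:]]+[A-Za-z-]+=|&(lt|gt|amp|quot);'

# Prefer bash (the thread's scripts were run by bash), else fall back to sh.
CHECK_SHELL=$(command -v bash || command -v sh)

# markup_lines FILE: print "N:text" for every line carrying leftover markup.
markup_lines() {
    grep -nE "$MARKUP_RE" "$1" || true
}

# preflight FILE: 0 = clean, 1 = leftover markup, 2 = does not parse.
preflight() {
    hits=$(markup_lines "$1")
    if [ -n "$hits" ]; then
        printf 'leftover HTML in %s:\n%s\n' "$1" "$hits" >&2
        return 1
    fi
    # -n reads and parses the script without executing any command.
    if ! "$CHECK_SHELL" -n "$1" 2>/dev/null; then
        printf 'syntax check failed: %s\n' "$1" >&2
        return 2
    fi
    return 0
}

# Constructed samples: the pasted line from the thread and its corrected form.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'OPENSSL=/usr/bin/openssl' \
    'KEYGEN=<span class="comment hl">(/usr/sbin/dns-genkey)</span>' \
    > "$demo_dir/pasted.sh"
printf '%s\n' 'OPENSSL=/usr/bin/openssl' \
    'KEYGEN=/usr/sbin/dns-genkey' > "$demo_dir/fixed.sh"

for f in "$demo_dir/pasted.sh" "$demo_dir/fixed.sh"; do
    if preflight "$f"; then
        echo "OK to review and run: $f"
    else
        echo "do not run yet: $f"
    fi
done
```

A clean result only means the file carries no markup and parses; the script still needs to be read before it is run as root.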
     
