Check if openssl call failed

author Gunnar Beutner <gunnar.beutner@netways.de>

Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)

committer Gunnar Beutner <gunnar.beutner@netways.de>

Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)
author Gunnar Beutner <gunnar.beutner@netways.de>
Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)
committer Gunnar Beutner <gunnar.beutner@netways.de>
Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)
diff --git a/pki/icinga2-sign-key.cmake b/pki/icinga2-sign-key.cmake

index f3aa5c6f282da262181be0c3a0cee3fff1fcff07..a57a6fa8bcfc8f5e23da6cf77760e32e0fd51c85 100644 (file)
--- a/pki/icinga2-sign-key.cmake
+++ b/pki/icinga2-sign-key.cmake
@@ -26,7 +26,10 @@ fi
  
  [ -f $ICINGA_CA/vars ] && . $ICINGA_CA/vars
  
-openssl x509 -days "$REQ_DAYS" -CA $ICINGA_CA/ca.crt -CAkey $ICINGA_CA/ca.key -req -in $ICINGA_CA/$csrfile -outform PEM -out $ICINGA_CA/$pubkfile.crt -CAserial $ICINGA_CA/serial
+if ! openssl x509 -days "$REQ_DAYS" -CA $ICINGA_CA/ca.crt -CAkey $ICINGA_CA/ca.key -req -in $ICINGA_CA/$csrfile -outform PEM -out $ICINGA_CA/$pubkfile.crt -CAserial $ICINGA_CA/serial; then
+       echo "Signing the CSR failed." >&2
+       exit 1
+fi
  
  cn=`openssl x509 -in $pubkfile.crt -subject | grep -Eo '/CN=[^ ]+' | cut -f2- -d=`
author	Gunnar Beutner <gunnar.beutner@netways.de>
	Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)
committer	Gunnar Beutner <gunnar.beutner@netways.de>
	Tue, 8 Jul 2014 07:05:07 +0000 (09:05 +0200)