enabled batch key generation

ssl/mkcerts

@@ -1,18 +1,27 @@
 #!/usr/bin/bash
+export OPENSSL_CONF=./etc/kopano-ca.conf
+export CA_PWD=kopano
+export CA_SUBJ="/DC=de/DC=dts/O=Digital Trust Solutions/OU=Information Security Unit/CN=DTS Signing CA/"
 # create ssl certificates for docker network
+rm tmp/*.csr
+rm db/*.pem
+rm db/*.db
+rm db/*.srl
+touch db/kopano-ca.db
+touch db/kopano-ca.db.attr 
+echo 01 >db/kopano-ca.crt.srl
+echo 01 >db/kopano-ca.crl.srl
 # create signing ca (minimal pki)
-openssl req -new -config etc/kopano-ca.conf -out ca/kopano-ca.csr -keyout private/kopano-ca.key
-openssl ca -selfsign -config etc/kopano-ca.conf -in ca/kopano-ca.csr -out certs/kopano-ca.crt -extensions signing_ca_ext
+openssl req -new -reqexts ca_reqext -subj "$CA_SUBJ" -out tmp/kopano-ca.csr -passout pass:$CA_PWD -keyout certs/kopano-ca.key
+openssl ca -batch -selfsign -in tmp/kopano-ca.csr -passin env:CA_PWD -out certs/kopano-ca.crt -extensions signing_ca_ext
+
 # create kopano server ssl key (for encryption)
-set SAN=DNS:server
-openssl req -new -config etc/kopano-server.conf -out certs/kopano-server.csr -keyout private/kopano-server.key
-openssl ca -config etc/kopano-ca.conf -in certs/kopano-server.csr -out certs/kopano-server.crt -extensions server_ext
+./create-key server
 
 # create kopano clients ssl key pair (for authentification)
 # private key for client, public key for server sslkeys
-create-key dagent
-create-key spooler
-create-key search
-create-key webapp
-create-key z-push
-
+./create-key dagent
+./create-key spooler
+./create-key search
+./create-key webapp
+./create-key z-push