#!/bin/sh

if [ "x$GLOBUS_LOCATION" = "x" ]; then
   echo 'Set the $GLOBUS_LOCATION variable'
   exit 1
fi

echo -n "Insert your full name (e.g. Daniel Kouril): "
read NAME
if [ "x$NAME" = "x" ]; then
   echo "Name cannot be empty"
   exit 1
fi

echo -n "Insert your email address (e.g. kouril@ics.muni.cz): "
read EMAIL
if [ "x$EMAIL" = "x" ]; then
   echo "Email cannot be empty"
   exit 1
fi

CFG_FILE=`mktemp /tmp/openssl-cfg.XXXXXX`
if [ $? -ne 0 ]; then
   echo "Can't create temp file"
   exit 1
fi

cat > $CFG_FILE << EOF
default_bits            = 1024
distinguished_name      = req_distinguished_name
string_mask             = nombstr
req_extensions          = req_ext
attributes              = req_attr
prompt                  = no

[req_distinguished_name]
0.O                     = Grid
1.O                     = GridLab
EOF


echo CN = $NAME                    >> $CFG_FILE
echo [req_ext]                     >> $CFG_FILE
echo subjectAltName = email:$EMAIL >> $CFG_FILE
echo [req_attr]                    >> $CFG_FILE
echo emailAddress = $EMAIL         >> $CFG_FILE

umask 177 
$GLOBUS_LOCATION/bin/openssl req -new -nodes -keyout userkey.pem -out userreq.pem -config  $CFG_FILE

if [ $? -ne 0 ]; then
   echo "Error while generating certificate request"
   rm -f $CFG_FILE
   exit 1
fi

rm -f $CFG_FILE

echo 
echo "A new certification request and appropriate key-pair have been"
echo "generated. Check the request e.g. with "
echo "$GLOBUS_LOCATION/bin/openssl req -text -noout -in userreq.pem"
echo "and then send it to the Gridlab CA e.g. with the following command:"
echo "mail ca@gridlab.org < userreq.pem"