#!/bin/bash
#Some defines
RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
NC='\033[0m'

if [ "$EUID" -ne 0 ]; then
	echo -e "${RED}ERROR: Please run as root with sudo${NC}" >&2
	exit 1
fi

echo -e "${GREEN}Enter ROOT Certificate Name without the suffix e.g. ${YELLOW}ROOT${NC}"
read ROOT
echo -e "${GREEN}Enter the serial number ${YELLOW}in HEX ${GREEN}of the certificate you wish to revoke${NC}"
read SERIAL
echo "Revoking certificate"
openssl ca -revoke ./data/newcerts/${SERIAL}.pem -config openssl.cnf -keyfile ${ROOT}.key -cert ${ROOT}.crt
openssl ca -config openssl.cnf -gencrl -keyfile ${ROOT}.key -cert ${ROOT}.crt -out root.crl.pem
openssl crl -inform PEM -in root.crl.pem -outform DER -out root.crl
rm root.crl.pem
#cp root.crl /var/www/html/ca1

echo "Done"

