From ca8016385e0cf8525b58f52f169448f494bea7c3 Mon Sep 17 00:00:00 2001 From: Saad Karim Date: Wed, 21 Feb 2018 12:57:58 -0500 Subject: [PATCH] [FAB-8387] Add gencrl to revoke command Add --gencrl flag to revoke command to illustrate the ability to generate a CRL while performing a revocation. Change-Id: I7521cfee54f8704675236d7afb2876b87eb339bf Signed-off-by: Saad Karim --- fabric-ca/scripts/env.sh | 6 +++--- fabric-ca/scripts/run-fabric.sh | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/fabric-ca/scripts/env.sh b/fabric-ca/scripts/env.sh index 88d7bda6..8306967b 100755 --- a/fabric-ca/scripts/env.sh +++ b/fabric-ca/scripts/env.sh @@ -274,12 +274,12 @@ function switchToUserIdentity { } # Revokes the fabric user -function revokeFabricUser { +function revokeFabricUserAndGenerateCRL { switchToAdminIdentity export FABRIC_CA_CLIENT_HOME=$ORG_ADMIN_HOME - logr "Revoking the user '$USER_NAME' of the organization '$ORG' with Fabric CA Client home directory set to $FABRIC_CA_CLIENT_HOME ..." + logr "Revoking the user '$USER_NAME' of the organization '$ORG' with Fabric CA Client home directory set to $FABRIC_CA_CLIENT_HOME and generating CRL ..." export FABRIC_CA_CLIENT_TLS_CERTFILES=$CA_CHAINFILE - fabric-ca-client revoke -d --revoke.name $USER_NAME + fabric-ca-client revoke -d --revoke.name $USER_NAME --gencrl } # Generates a CRL that contains serial numbers of all revoked enrollment certificates. diff --git a/fabric-ca/scripts/run-fabric.sh b/fabric-ca/scripts/run-fabric.sh index b3d139bd..bd938073 100755 --- a/fabric-ca/scripts/run-fabric.sh +++ b/fabric-ca/scripts/run-fabric.sh @@ -89,8 +89,7 @@ function main { switchToUserIdentity # Revoke the user and generate CRL using admin's credentials - revokeFabricUser - generateCRL + revokeFabricUserAndGenerateCRL # Fetch config block fetchConfigBlock