password for client cert

tools/create-client-cert.sh

@@ -1,14 +1,15 @@
 #!/bin/bash
 set -e
 
-# Check if client name is provided
+# Check if client name and password are provided
-if [ $# -eq 0 ]; then
+if [ $# -lt 2 ]; then
-    echo "Usage: $0 <client-name>"
+    echo "Usage: $0 <client-name> <p12-password>"
-    echo "Example: $0 john.doe"
+    echo "Example: $0 john.doe mySecurePassword123"
     exit 1
 fi
 
 CLIENT_NAME="$1"
+P12_PASSWORD="$2"
 
 # Check if CA exists
 if [ ! -f "ca/ca.crt" ] || [ ! -f "ca/ca.key" ]; then
@@ -47,7 +48,7 @@ openssl pkcs12 -export \
     -in clients/$CLIENT_NAME/$CLIENT_NAME.crt \
     -certfile ca/ca.crt \
     -name "$CLIENT_NAME Home Automation Client" \
-    -passout pass:
+    -passout pass:$P12_PASSWORD
 
 # Set appropriate permissions
 chmod 400 clients/$CLIENT_NAME/$CLIENT_NAME.key
@@ -67,7 +68,7 @@ echo ""
 echo "Installation Instructions:"
 echo "1. Import the PKCS#12 file into your browser/application"
 echo "2. The bundle contains both the client certificate and CA certificate"
-echo "3. No password is set for the PKCS#12 file (you can add one by modifying the -passout parameter)"
+echo "3. Password for PKCS#12 file: $P12_PASSWORD"
 echo ""
 echo "For testing with curl:"
 echo "curl --cert clients/$CLIENT_NAME/$CLIENT_NAME.crt --key clients/$CLIENT_NAME/$CLIENT_NAME.key --cacert ca/ca.crt https://homea2.hottis.de/"