make sure you can't generate keys without CA keys

2025-03-07 06:55:40 +00:00 · 2025-03-07 06:55:40 +00:00 · 81119bef0c
commit 81119bef0c
parent 56fc38eb5d
2 changed files with 8 additions and 2 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 7b077423c65a5e3a396287e5367e597592333708
+Subproject commit 38fcf574249e3a39a404061be5d2bd64021cc54a
--- a/start-proxy.sh
+++ b/start-proxy.sh
@ -10,6 +10,13 @@ v$VERSION-g$(git log -n 1 --pretty=format:%h -- $SCRIPT_DIR)
 EOF

 CERT_PATH="${SCRIPT_DIR}/configs/m.google.com/public/google.com.pem"
+CA_PATH="${SCRIPT_DIR}/myCA"
+
+if [[ ! -f "$CA_PATH.pem" || ! -f "$CA_PATH.key" ]]; then
+    echo "CA certificates missing!"
+    echo "checked path: $CA_PATH.(pem/key)"
+    exit 1
+fi

 if [[ ! -f "$CERT_PATH" ]]; then
    echo "m.google.com certificate missing!"
@ -20,7 +27,6 @@ fi
 EXPIRY_DATE=$(openssl x509 -enddate -noout -in "$CERT_PATH" | cut -d= -f2)
 EXPIRY_TIMESTAMP=$(date -d "$EXPIRY_DATE" +%s)
 CURRENT_TIMESTAMP=$(date +%s)
-CURRENT_TIMESTAMP="2743883708"

 if [[ "$EXPIRY_TIMESTAMP" -lt "$CURRENT_TIMESTAMP" ]]; then
    echo "Certificate expired. Regenerating..."