--- /dev/null
+#!/bin/sh
+
+set -e
+
+if [ $# -ne 2 ]
+then
+ echo "usage: $(basename "$0") environment region"
+ exit 64
+fi
+
+ca_cert="${1}_ca/pki/ca.crt"
+crl_pem="${1}_ca/pki/crl.pem"
+cert="${1}_ca/pki/issued/${2}.${1}.crt"
+key="${1}_ca/pki/private/${2}.${1}.key"
+ta_secret="${1}_ca/pki/ta.key"
+
+function onlycert(){
+ sed -n '/-----BEGIN /,/-----END /p' "$@"
+}
+function indent(){
+ sed 's/^/ /' "$@"
+}
+
+cat<<EOF
+---
+QUAGGA_PASSWORD: $(pwgen -y 16)
+ca_name: $1
+ca_cert: |
+$(indent "${ca_cert}")
+crl_pem: |
+$(indent "${crl_pem}")
+cert: |
+$(onlycert "${cert}" | indent)
+key: |
+$(indent "${key}")
+ta_secret: |
+$(indent "${ta_secret}")
+EOF