Fixed ssl
parent
343293c219
commit
150344868b
|
@ -58,17 +58,9 @@ if ! sudo chmod 400 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key" >>"${
|
||||||
exit 7
|
exit 7
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Generate config
|
# Generate CSR
|
||||||
san="subjectAltName = DNS:${hostname}.${username}.${TLD},DNS:*.${hostname}.${username}.${TLD}"
|
san="subjectAltName = DNS:${hostname}.${username}.${TLD},DNS:*.${hostname}.${username}.${TLD}"
|
||||||
[ "${ipstring}" != "" ] && san="${san},${ipstring}"
|
[ "${ipstring}" != "" ] && san="${san},${ipstring}"
|
||||||
#if ! printf '%s\n' "${san}" | sudo cat '/etc/ssl/openssl.cnf' /dev/stdin \
|
|
||||||
#| sudo tee "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf"; then
|
|
||||||
# printf 'Failed to generate %s/%s/%s.cnf\n' "${SSL_CONFIG_DIR}" "${username}" "${hostname}" >>"${LOGFILE}"
|
|
||||||
# exit 7
|
|
||||||
#fi
|
|
||||||
#sudo cat "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" >>"${LOGFILE}"
|
|
||||||
|
|
||||||
# Generate CSR
|
|
||||||
if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \
|
if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \
|
||||||
-key "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key" \
|
-key "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key" \
|
||||||
-out "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" \
|
-out "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" \
|
||||||
|
@ -78,7 +70,6 @@ if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \
|
||||||
printf 'Failed to generate %s/%s/%s.csr\n' "${SSL_CONFIG_DIR}" "${username}" "${hostname}" >>"${LOGFILE}"
|
printf 'Failed to generate %s/%s/%s.csr\n' "${SSL_CONFIG_DIR}" "${username}" "${hostname}" >>"${LOGFILE}"
|
||||||
exit 7
|
exit 7
|
||||||
fi
|
fi
|
||||||
# -config "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf"
|
|
||||||
|
|
||||||
# Generate cert
|
# Generate cert
|
||||||
if ! sudo /usr/bin/openssl x509 -req -sha256 -extensions SAN -CAcreateserial \
|
if ! sudo /usr/bin/openssl x509 -req -sha256 -extensions SAN -CAcreateserial \
|
||||||
|
|
|
@ -134,7 +134,7 @@ if "${LIB_DIR}/ns_update_add" "${domain}" "${ipv4}" "${ipv6}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create SSL cert
|
# Create SSL cert
|
||||||
if "${LIB_DIR}/ssl_peer_add" "${hostname}" "${username}" "IP:${ipv4},IP:${ipv6}"
|
if "${LIB_DIR}/ssl_peer_add" "${hostname}" "${username}" "IP:${ipv4},IP:[${ipv6}]"
|
||||||
then printf 'Successfully signed SSL certs for %s,%s,%s.\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
|
then printf 'Successfully signed SSL certs for %s,%s,%s.\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
|
||||||
else printf 'ERROR! Failed to create certs for %s with IPS: %s %s!\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
|
else printf 'ERROR! Failed to create certs for %s with IPS: %s %s!\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in New Issue