Add logging for failed openssl

2022-09-10 11:19:59 -06:00 · 2022-09-10 11:19:59 -06:00 · 4a391bf4a3
parent 51922e737e
commit 4a391bf4a3
1 changed files with 3 additions and 2 deletions
--- a/back/lib/ssl_peer_add
+++ b/back/lib/ssl_peer_add
@ -37,7 +37,7 @@ ipstring="${3}"
 printf 'Signing SSL certs for %s.%s.%s...\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}"

 # Generate key
-if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >>"${LOGFILE}" 2>&1; then
+if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >/dev/null 2>&1; then
 	printf 'Failed to generate SSL key %s/%s/server.key\n' "${username}" "${hostname}" >>"${LOGFILE}"
 	exit 7
 fi
@ -53,11 +53,12 @@ fi
 # Generate config
 san="\n[SAN]\nsubjectAltNames=DNS:${hostname:?}.${username:?}.${TLD:?},DNS:*.${hostname:?}.${username:?}.${TLD:?}"
 [ "${ipstring}" != "" ] && san="${san},${ipstring}"
-if ! cat '/etc/ssl/openssl.cnf' <(printf '%s' "${san}") \
+if ! printf '%s' "${san}" | sudo cat '/etc/ssl/openssl.cnf' /dev/stdin \
 > "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}.cnf"; then
 		printf 'Failed to generate %s/%s.cnf\n' "${username}" "${hostname}" >>"${LOGFILE}"
 		exit 7
 fi
+sudo tail "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}.cnf" >>"${LOGFILE}"

 # Generate CSR
 if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \