/scripts/alcasar-CA.sh |
---|
219,7 → 219,9 |
openssl ca -config $DIR_TMP/ssl.conf -name AlcasarCA -batch -days $SRVCERT_LIFETIME -in $SRVREQ -out $SRVCERT 2>> $DIR_TMP/openssl-log |
rm -f $SRVREQ |
cp -f $SRVCERT $SRVCHAIN # in order to simplify the official intranet certificate import process |
cat $SRVKEY $SRVCERT > $SRVPEM |
(cat $SRVKEY; echo; cat $SRVCERT) > $SRVPEM |
chmod a+r $CACERT $SRVCERT $SRVCHAIN |
# Link certs in ALCASAR Control Center |
/scripts/alcasar-certificates.sh |
---|
73,7 → 73,9 |
# Import of CA Certificate |
tar xzvf $1 --directory=$DIR_IMPORT |
cat $DIR_PKI/tls/private/alcasar.key $DIR_PKI/tls/certs/alcasar.crt > $DIR_PKI/tls/private/alcasar.pem |
(cat $DIR_PKI/tls/private/alcasar.key; echo; cat $DIR_PKI/tls/certs/alcasar.crt) > $DIR_PKI/tls/private/alcasar.pem |
echo "Import new certificates in ALCASAR !!!" |
cp -r $DIR_IMPORT/* /. |
chown root:apache $DIR_PKI/CA/{alcasar-ca.crt,private/alcasar-ca.key} |
/scripts/alcasar-conf.sh |
---|
127,7 → 127,9 |
cp -f $DIR_UPDATE/alcasar-ca.key* /etc/pki/CA/private/ # autosigned & official |
cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/ |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/ |
cat /etc/pki/tls/private/alcasar.key /etc/pki/tls/certs/alcasar.crt > /etc/pki/tls/private/alcasar.pem |
(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem |
[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
/scripts/alcasar-importcert.sh |
---|
40,7 → 40,9 |
then |
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt |
fi |
cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem |
(cat $DIR_CERT/private/alcasar.key; echo; cat $DIR_CERT/certs/alcasar.crt) > $DIR_CERT/private/alcasar.pem |
chown root:apache $DIR_CERT/private/alcasar.pem |
chmod 750 $DIR_CERT/private/alcasar.pem |
} |
83,8 → 85,9 |
cp $cert $DIR_CERT/certs/alcasar.crt |
cp $key $DIR_CERT/private/alcasar.key |
cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem |
(cat $DIR_CERT/private/alcasar.key; echo; cat $DIR_CERT/certs/alcasar.crt) > $DIR_CERT/private/alcasar.pem |
chown root:apache $DIR_CERT/certs/alcasar.crt |
chown root:apache $DIR_CERT/private/alcasar.key |
chown root:apache $DIR_CERT/private/alcasar.pem |