/alcasar.sh |
---|
758,6 → 758,7 |
CA() |
{ |
$DIR_DEST_BIN/alcasar-CA.sh |
chmod 755 /etc/pki/ |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA |
chmod 640 /etc/pki/CA/* |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private |
764,6 → 765,7 |
chmod 600 /etc/pki/CA/private/* |
chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private |
chmod 640 /etc/pki/tls/private/* |
chmod 644 /etc/pki/tls/certs/* # "freshclam" need to access to that bundle |
} # End of CA() |
################################################### |
/conf/lighttpd/vhosts.d/alcasar-with-ssl.conf |
---|
14,7 → 14,7 |
$SERVER["socket"] == "alcasar.localdomain:443" { |
ssl.engine = "enable" |
ssl.pemfile = "/etc/pki/tls/private/alcasar.pem" |
ssl.ca-file = "/etc/pki/tls/certs/server-chain.crt" |
ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem" |
ssl.use-sslv2 = "disable" |
ssl.use-sslv3 = "disable" |
ssl.use-compression = "disable" |
/conf/lighttpd/vhosts.d/alcasar-without-ssl.conf |
---|
14,7 → 14,7 |
$SERVER["socket"] == "alcasar.localdomain:443" { |
ssl.engine = "enable" |
ssl.pemfile = "/etc/pki/tls/private/alcasar.pem" |
ssl.ca-file = "/etc/pki/tls/certs/server-chain.crt" |
ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem" |
ssl.use-sslv2 = "disable" |
ssl.use-sslv3 = "disable" |
ssl.use-compression = "disable" |
/scripts/alcasar-CA.sh |
---|
175,8 → 175,8 |
hostname=`echo $hostname | cut -d '.' -f 1` |
fi |
CAMAIL=ca@$hostname |
SRVMAIL=apache@$hostname |
CAMAIL= |
SRVMAIL= |
echo 01 > $DIR_TMP/serial |
touch $DIR_TMP/index.txt |