| /alcasar.sh |
|---|
| 758,6 → 758,7 |
| CA() |
| { |
| $DIR_DEST_BIN/alcasar-CA.sh |
| chmod 755 /etc/pki/ |
| chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA |
| chmod 640 /etc/pki/CA/* |
| chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private |
| 764,6 → 765,7 |
| chmod 600 /etc/pki/CA/private/* |
| chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private |
| chmod 640 /etc/pki/tls/private/* |
| chmod 644 /etc/pki/tls/certs/* # "freshclam" need to access to that bundle |
| } # End of CA() |
| ################################################### |
| /conf/lighttpd/vhosts.d/alcasar-with-ssl.conf |
|---|
| 14,7 → 14,7 |
| $SERVER["socket"] == "alcasar.localdomain:443" { |
| ssl.engine = "enable" |
| ssl.pemfile = "/etc/pki/tls/private/alcasar.pem" |
| ssl.ca-file = "/etc/pki/tls/certs/server-chain.crt" |
| ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem" |
| ssl.use-sslv2 = "disable" |
| ssl.use-sslv3 = "disable" |
| ssl.use-compression = "disable" |
| /conf/lighttpd/vhosts.d/alcasar-without-ssl.conf |
|---|
| 14,7 → 14,7 |
| $SERVER["socket"] == "alcasar.localdomain:443" { |
| ssl.engine = "enable" |
| ssl.pemfile = "/etc/pki/tls/private/alcasar.pem" |
| ssl.ca-file = "/etc/pki/tls/certs/server-chain.crt" |
| ssl.ca-file = "/etc/pki/tls/certs/server-chain.pem" |
| ssl.use-sslv2 = "disable" |
| ssl.use-sslv3 = "disable" |
| ssl.use-compression = "disable" |
| /scripts/alcasar-CA.sh |
|---|
| 175,8 → 175,8 |
| hostname=`echo $hostname | cut -d '.' -f 1` |
| fi |
| CAMAIL=ca@$hostname |
| SRVMAIL=apache@$hostname |
| CAMAIL= |
| SRVMAIL= |
| echo 01 > $DIR_TMP/serial |
| touch $DIR_TMP/index.txt |