sha256 and access restriction to generated certs and keys
This commit is contained in:
Peter Hormanns
parent
2a18379289
commit
d08478b47a
@ -273,7 +273,8 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
|
|||||||
+ "mkdir -p $PEMS_DIR/ && "
|
+ "mkdir -p $PEMS_DIR/ && "
|
||||||
+ "cd $PEMS_DIR && "
|
+ "cd $PEMS_DIR && "
|
||||||
+ "echo \"\" > " + domName + ".chain && "
|
+ "echo \"\" > " + domName + ".chain && "
|
||||||
+ "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -subj '/CN=" + domName + "'"),
|
+ "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -sha256 -subj '/CN=" + domName + "' &&"
|
||||||
|
+ "chmod 400 " + domName + "*"),
|
||||||
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
|
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
|
||||||
new ShellProcessor(
|
new ShellProcessor(
|
||||||
" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
|
" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user