mirror of
https://github.com/wheelybird/ldap-user-manager.git
synced 2025-01-18 23:42:54 +01:00
Named server certs, as suggested by @huzvar
This commit is contained in:
parent
9bbe0db8d5
commit
58432af0f3
14
entrypoint
14
entrypoint
@ -47,15 +47,15 @@ else
|
||||
########################
|
||||
#If there aren't any SSL certs then create a CA and then CA-signed certificate
|
||||
|
||||
if [ ! -f "${ssl_dir}/server.key" ] && [ ! -f "${ssl_dir}/server.crt" ]; then
|
||||
if [ ! -f "${ssl_dir}/{$SERVER_CERT_FILENAME:-server.crt}" ] && [ ! -f "${ssl_dir}/{$SERVER_KEY_FILENAME:-server.key}" ]; then
|
||||
|
||||
mkdir -p $ssl_dir
|
||||
confout="${ssl_dir}/conf"
|
||||
keyout="${ssl_dir}/server.key"
|
||||
certout="${ssl_dir}/server.crt"
|
||||
cakey="${ssl_dir}/ca.key"
|
||||
cacert="${ssl_dir}/ca.crt"
|
||||
serialfile="${ssl_dir}/serial"
|
||||
cakey="${ssl_dir}/.ca.key"
|
||||
cacert="${ssl_dir}/.ca.crt"
|
||||
serialfile="${ssl_dir}/.serial"
|
||||
|
||||
echo "Generating CA key"
|
||||
openssl genrsa -out $cakey 2048
|
||||
@ -113,7 +113,7 @@ EoCertConf
|
||||
########################
|
||||
#Create Apache config
|
||||
|
||||
if [ -f "${ssl_dir}/chain.pem" ]; then ssl_chain="SSLCertificateChainFile ${ssl_dir}/chain.pem"; fi
|
||||
if [ -f "${ssl_dir}/{$CA_CERT_FILENAME}" ]; then ssl_chain="SSLCertificateChainFile ${ssl_dir}/{$CA_CERT_FILENAME}"; fi
|
||||
|
||||
echo > /etc/apache2/sites-enabled/lum.conf
|
||||
echo > /etc/apache2/ports.conf
|
||||
@ -152,8 +152,8 @@ EoHTTPrd
|
||||
</Directory>
|
||||
|
||||
SSLEngine On
|
||||
SSLCertificateFile /opt/ssl/server.crt
|
||||
SSLCertificateKeyFile /opt/ssl/server.key
|
||||
SSLCertificateFile ${ssl_dir}/{$SERVER_CERT_FILENAME:-server.crt}
|
||||
SSLCertificateKeyFile ${ssl_dir}/{$SERVER_KEY_FILENAME:-server.key}
|
||||
$ssl_chain
|
||||
|
||||
</VirtualHost>
|
||||
|
Loading…
x
Reference in New Issue
Block a user