diff options
author | Simon Rettberg | 2020-12-03 14:29:11 +0100 |
---|---|---|
committer | Simon Rettberg | 2020-12-03 14:29:11 +0100 |
commit | 70dcab41f492b515a73241cfe5628d73e3ae3c18 (patch) | |
tree | 3bd4d34d2e60d93283c30ea696725cecdb58963c | |
parent | [SS?S] Add CA infra for client -> server communication (diff) | |
download | setup-scripts-70dcab41f492b515a73241cfe5628d73e3ae3c18.tar.gz setup-scripts-70dcab41f492b515a73241cfe5628d73e3ae3c18.tar.xz setup-scripts-70dcab41f492b515a73241cfe5628d73e3ae3c18.zip |
[SSPS] slx-cert: Include hashed links with config.tgz
-rwxr-xr-x | satellit_installer/static_files/slx-cert | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/satellit_installer/static_files/slx-cert b/satellit_installer/static_files/slx-cert index 2d83b3b..51dde1b 100755 --- a/satellit_installer/static_files/slx-cert +++ b/satellit_installer/static_files/slx-cert @@ -128,10 +128,18 @@ fi if [ -n "$mknew" ]; then # Rebuild config module for clients echo "Updating client config module..." - tar -c -k -f "/opt/openslx/configs/modules/self-signed-ca.tar" \ - --transform 's#^.*/ca-#/opt/openslx/ssl/sat-ca-#' "${CERT}/"ca-*.crt - sudo -u www-data -n php /srv/openslx/www/slx-admin/api.php sysconfig --action rebuild - echo "." + ( + tmpdir="$( mktemp -d '/tmp/bwlp-XXXXXXX' )" + cp -a "${CERT}/"ca-*.crt "$tmpdir/" + cd "$tmpdir/" || exit 6 + openssl rehash . + tar -c -k -f "/opt/openslx/configs/modules/self-signed-ca.tar" \ + --transform 's#^[./][./]*#/opt/openslx/ssl/#' . + cd /tmp + rm -rf -- "$tmpdir" + sudo -u www-data -n php /srv/openslx/www/slx-admin/api.php sysconfig --action rebuild + echo "." + ) fi # Now check the server certificate |