diff options
author | Simon Rettberg | 2024-02-26 17:24:02 +0100 |
---|---|---|
committer | Simon Rettberg | 2024-02-26 17:24:02 +0100 |
commit | 828bb956c44e81628bbb7b41da115511051743e4 (patch) | |
tree | b97ccfa418016c351a1ad6d928ce98dfec5e50bb /satellit_installer/static_files/lighttpd/opt | |
parent | [grub] Forgot more debug code (diff) | |
download | setup-scripts-828bb956c44e81628bbb7b41da115511051743e4.tar.gz setup-scripts-828bb956c44e81628bbb7b41da115511051743e4.tar.xz setup-scripts-828bb956c44e81628bbb7b41da115511051743e4.zip |
[SS*S] lighttpd: Don't try to use ssl.ca-file for certificate chain
Diffstat (limited to 'satellit_installer/static_files/lighttpd/opt')
-rwxr-xr-x | satellit_installer/static_files/lighttpd/opt/openslx/slx-cert | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert index 3409244..b2dd5cb 100755 --- a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert +++ b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert @@ -249,13 +249,12 @@ done # with our generated stuff for whatever reason. if [ -n "$have_srv" ] || [ -z "$makenew" ]; then if [ -s "${LIGHTDIR}/ca-chain.pem" ]; then - unt_list=( "-untrusted" "${LIGHTDIR}/ca-chain.pem" ) - else - unt_list=() + # Don't need this anymore, it never worked as separate file anyways, so make new + rm -f -- "${LIGHTDIR}/ca-chain.pem" fi valid= for ca in "${ca_list[@]}"; do - openssl verify -CAfile "$ca" "${unt_list[@]}" \ + openssl verify -CAfile "$ca" \ "${LIGHTDIR}/server.pem" &> /dev/null || continue valid=1 break @@ -316,9 +315,6 @@ if [ -z "$have_srv" ] || [ -n "$makenew" ]; then cat "${CERTDIR}/srv-${srv_new_ts}.crt" "${PRIVDIR}/srv-${srv_new_ts}.key" > "${LIGHTDIR}/server.pem" || exit 10 chmod 0600 "${LIGHTDIR}/server.pem" - # Don't need this anymore - rm -f -- "${LIGHTDIR}/ca-chain.pem" - if [ "$1" = "--restart" ] || [ -t 0 ]; then echo "Restarting lighttpd..." systemctl restart lighttpd.service |