summaryrefslogtreecommitdiffstats
path: root/satellit_installer/static_files/lighttpd/opt
diff options
context:
space:
mode:
Diffstat (limited to 'satellit_installer/static_files/lighttpd/opt')
-rwxr-xr-xsatellit_installer/static_files/lighttpd/opt/openslx/slx-cert10
1 files changed, 3 insertions, 7 deletions
diff --git a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert
index 3409244..b2dd5cb 100755
--- a/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert
+++ b/satellit_installer/static_files/lighttpd/opt/openslx/slx-cert
@@ -249,13 +249,12 @@ done
# with our generated stuff for whatever reason.
if [ -n "$have_srv" ] || [ -z "$makenew" ]; then
if [ -s "${LIGHTDIR}/ca-chain.pem" ]; then
- unt_list=( "-untrusted" "${LIGHTDIR}/ca-chain.pem" )
- else
- unt_list=()
+ # Don't need this anymore, it never worked as separate file anyways, so make new
+ rm -f -- "${LIGHTDIR}/ca-chain.pem"
fi
valid=
for ca in "${ca_list[@]}"; do
- openssl verify -CAfile "$ca" "${unt_list[@]}" \
+ openssl verify -CAfile "$ca" \
"${LIGHTDIR}/server.pem" &> /dev/null || continue
valid=1
break
@@ -316,9 +315,6 @@ if [ -z "$have_srv" ] || [ -n "$makenew" ]; then
cat "${CERTDIR}/srv-${srv_new_ts}.crt" "${PRIVDIR}/srv-${srv_new_ts}.key" > "${LIGHTDIR}/server.pem" || exit 10
chmod 0600 "${LIGHTDIR}/server.pem"
- # Don't need this anymore
- rm -f -- "${LIGHTDIR}/ca-chain.pem"
-
if [ "$1" = "--restart" ] || [ -t 0 ]; then
echo "Restarting lighttpd..."
systemctl restart lighttpd.service