diff options
-rwxr-xr-x | scripts/install-https | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/scripts/install-https b/scripts/install-https index a4ea8df..ad77a97 100755 --- a/scripts/install-https +++ b/scripts/install-https @@ -48,6 +48,8 @@ op_import () if [ -s "$CHAIN" ]; then openssl x509 -noout -hash -in "$CHAIN" >/dev/null 2>&1 && cp "$CHAIN" "$CHAINFILE" fi + generate_dh + return 0 } op_random () @@ -56,6 +58,22 @@ op_random () rm -f -- "$CHAINFILE" openssl req -x509 -new -newkey rsa:4096 -keyout "$CERTFILE" -out "$CERTFILE" -days 5000 -nodes -subj "/C=DE/ST=Nowhere/L=Springfield/O=bwLehrpool/CN=$1" || exit 2 chmod 0600 "$CERTFILE" || exit 3 + generate_dh + return 0 +} + +generate_dh () +{ + local DHPARAM="/etc/lighttpd/dhparam.pem" + if ! [ -s "$DHPARAM" ]; then + echo "Generating DH parameters (this takes a while)..." + if openssl dhparam -out "$DHPARAM" 2048 >/dev/null 2>&1; then + echo "done" + else + echo "failed" + rm -f -- "$DHPARAM" + fi + fi } OP=$1 |