mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
self-signed cert - fix bugs
This commit is contained in:
parent
95510e6e1d
commit
16101144c5
3 changed files with 65 additions and 2 deletions
|
@ -6,7 +6,7 @@ listen 0.0.0.0:{{ HTTPS_PORT }} ssl {% if HTTP2 == "yes" %}http2{% endif %};
|
|||
{% elif USE_CUSTOM_HTTPS == "yes" %}
|
||||
{% set x = paths.update({"cert": CUSTOM_HTTPS_CERT}) %}
|
||||
{% set x = paths.update({"key": CUSTOM_HTTPS_KEY}) %}
|
||||
{% elif GENERATE_SELF_SIGNED_HTTPS == "yes" %}
|
||||
{% elif GENERATE_SELF_SIGNED_SSL == "yes" %}
|
||||
{% if MULTISITE == "yes" %}
|
||||
{% set x = paths.update({"cert": "/etc/nginx/" + FIRST_SERVER + "/self-cert.pem"}) %}
|
||||
{% set x = paths.update({"key": "/etc/nginx/" + FIRST_SERVER + "/self-key.pem"}) %}
|
||||
|
|
|
@ -19,7 +19,7 @@ if [ "$files" != " " ] ; then
|
|||
SELF_SIGNED_SSL_ORG="$(sed -nE 's/^SELF_SIGNED_SSL_ORG=(.*)$/\1/p' $file)"
|
||||
SELF_SIGNED_SSL_OU="$(sed -nE 's/^SELF_SIGNED_SSL_OU=(.*)$/\1/p' $file)"
|
||||
SELF_SIGNED_SSL_CN="$(sed -nE 's/^SELF_SIGNED_SSL_CN=(.*)$/\1/p' $file)"
|
||||
openssl_output=$(openssl req -nodes -x509 -newkey rsa:4096 -keyout ${dest}self-key.pem -out ${dest}self-cert.pem -days $SELF_SIGNED_SSL_EXPIRY -subj "/C=$SELF_SIGNED_SSL_COUNTRY/ST=$SELF_SIGNED_SSL_STATE/L=$SELF_SIGNED_SSL_CITY/O=$SELF_SIGNED_SSL_ORG/OU=$SELF_SIGNED_SSL_OU/CN=$SELF_SIGNED_SSL_CN" 2>&1)
|
||||
openssl_output=$(openssl req -nodes -x509 -newkey rsa:4096 -keyout ${dest}self-key.pem -out ${dest}self-cert.pem -days "$SELF_SIGNED_SSL_EXPIRY" -subj "/C=$SELF_SIGNED_SSL_COUNTRY/ST=$SELF_SIGNED_SSL_STATE/L=$SELF_SIGNED_SSL_CITY/O=$SELF_SIGNED_SSL_ORG/OU=$SELF_SIGNED_SSL_OU/CN=$SELF_SIGNED_SSL_CN" 2>&1)
|
||||
if [ $? -eq 0 ] ; then
|
||||
echo "[*] Generated self-signed certificate ${dest}self-cert.pem with key ${dest}self-key.pem"
|
||||
else
|
||||
|
|
|
@ -599,6 +599,69 @@
|
|||
"label": "Generate a self-signed TLS certificate",
|
||||
"regex": "^(yes|no)$",
|
||||
"type": "checkbox"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "365",
|
||||
"env": "SELF_SIGNED_SSL_EXPIRY",
|
||||
"id": "self-signed-ssl-expiry",
|
||||
"label": "Expire date of the self-signed certificate",
|
||||
"regex": "^[0-9]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "CH",
|
||||
"env": "SELF_SIGNED_SSL_COUNTRY",
|
||||
"id": "self-signed-ssl-country",
|
||||
"label": "Country of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "Switzerland",
|
||||
"env": "SELF_SIGNED_SSL_STATE",
|
||||
"id": "self-signed-ssl-state",
|
||||
"label": "State of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "Bern",
|
||||
"env": "SELF_SIGNED_SSL_CITY",
|
||||
"id": "self-signed-ssl-city",
|
||||
"label": "City of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "IT",
|
||||
"env": "SELF_SIGNED_SSL_OU",
|
||||
"id": "self-signed-ssl-ou",
|
||||
"label": "Organizational Unit of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "Acme Inc",
|
||||
"env": "SELF_SIGNED_SSL_ORG",
|
||||
"id": "self-signed-ssl-org",
|
||||
"label": "Organization name of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"context": "multisite",
|
||||
"default": "bunkerized",
|
||||
"env": "SELF_SIGNED_SSL_CN",
|
||||
"id": "self-signed-ssl-cn",
|
||||
"label": "Common Name of the self-signed certificate",
|
||||
"regex": "^[:print:]+$",
|
||||
"type": "text"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
|
Loading…
Reference in a new issue