mirror of
https://github.com/signalwire/freeswitch.git
synced 2025-04-16 00:41:41 +00:00
FS-3890
This commit is contained in:
Brian West
parent
0626c89d4a
commit
2ec02e5445
@ -3,6 +3,7 @@
|
|||||||
CONFDIR=@prefix@/conf/ssl
|
CONFDIR=@prefix@/conf/ssl
|
||||||
DAYS=2190
|
DAYS=2190
|
||||||
KEY_SIZE=2048
|
KEY_SIZE=2048
|
||||||
|
export KEY_SIZE=${KEY_SIZE}
|
||||||
|
|
||||||
TMPFILE="/tmp/fs-ca-$$-$(date +%Y%m%d%H%M%S)"
|
TMPFILE="/tmp/fs-ca-$$-$(date +%Y%m%d%H%M%S)"
|
||||||
|
|
||||||
@ -36,10 +37,14 @@ setup_ca() {
|
|||||||
mkdir -p -m 750 "${CONFDIR}/CA" || exit 1
|
mkdir -p -m 750 "${CONFDIR}/CA" || exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -e "${CONFDIR}/CA/config.tpl" ]; then
|
if [ -e "${CONFDIR}/CA/config.tpl" ]; then
|
||||||
|
if [ $0 -nt "${CONFDIR}/CA/config.tpl" ]; then
|
||||||
|
echo "WARNING! genttls_cert has a modified time more recent than ${CONFDIR}/CA/config.tpl remove config.tpl to re-generate it"
|
||||||
|
fi
|
||||||
|
else
|
||||||
cat > "${CONFDIR}/CA/config.tpl" <<-EOF
|
cat > "${CONFDIR}/CA/config.tpl" <<-EOF
|
||||||
[ req ]
|
[ req ]
|
||||||
default_bits = $ENV::KEY_SIZE
|
default_bits = \$ENV::KEY_SIZE
|
||||||
prompt = no
|
prompt = no
|
||||||
distinguished_name = req_dn
|
distinguished_name = req_dn
|
||||||
|
|
||||||
@ -117,7 +122,7 @@ generate_cert() {
|
|||||||
> "${TMPFILE}.cfg" || exit 1
|
> "${TMPFILE}.cfg" || exit 1
|
||||||
|
|
||||||
openssl req -new -out "${TMPFILE}.req" \
|
openssl req -new -out "${TMPFILE}.req" \
|
||||||
-newkey rsa: -keyout "${TMPFILE}.key" \
|
-newkey rsa:${KEY_SIZE} -keyout "${TMPFILE}.key" \
|
||||||
-config "${TMPFILE}.cfg" -nodes -sha1 >/dev/null || exit 1
|
-config "${TMPFILE}.cfg" -nodes -sha1 >/dev/null || exit 1
|
||||||
|
|
||||||
openssl x509 -req -CAkey "${CONFDIR}/CA/cakey.pem" -CA "${CONFDIR}/CA/cacert.pem" -CAcreateserial \
|
openssl x509 -req -CAkey "${CONFDIR}/CA/cakey.pem" -CA "${CONFDIR}/CA/cacert.pem" -CAcreateserial \
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user