From 4b54ba596cf286352ad25db6d487824e8c4493b7 Mon Sep 17 00:00:00 2001
From: Asif Bacchus
Date: Sun, 6 Jan 2019 01:51:55 -0700
Subject: [PATCH] moved generateDH section and added missing DHPath after generate
---
 .vscode/numbered-bookmarks.json | 4 ++--
 setup.sh | 38 ++++++++++++++++-----------------
 2 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/.vscode/numbered-bookmarks.json b/.vscode/numbered-bookmarks.json
index b1d020c..edbe093 100644
--- a/.vscode/numbered-bookmarks.json
+++ b/.vscode/numbered-bookmarks.json
@@ -10,9 +10,9 @@
 -1,
 -1,
 -1,
+ 607,
 -1,
- -1,
- -1
+ 630
 ]
 }
 ]
diff --git a/setup.sh b/setup.sh
index 97418c7..5853999 100755
--- a/setup.sh
+++ b/setup.sh
@@ -584,6 +584,25 @@ fi
+### notify user and generate DHParms if necessary
+if [ "${generateDH}" -eq 1 ]; then
+ echo -e "\n${mag}---------------------${norm}"
+ echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
+ # delete existing (likely default) dhparam.pem
+ rm -f /etc/ssl/certs/dhparam.pem
+ # generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
+ openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
+ # verify non-zero length file generated
+ if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
+ echo -e "${ok}-- dhparam.pem generated --${norm}"
+ # set DHParam to proper location
+ DHPath='/etc/ssl/certs/dhparam.pem'
+ else
+ echo -e "${err}-- error generating dhparam.pem --"
+ echo -e "you should manaully generate this file${norm}"
+ fi
+fi
+
 ### Write configurations to template files
 # let user know what's happening
 echo -e "\n${mag}---------------------${norm}"
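Review bot: The `rm -f /etc/ssl/certs/dhparam.pem` runs before generation and the outcome is judged only by `[ -s ... ]`, never by the exit status of `openssl dhparam`, so a failed or interrupted run leaves the host with no DH parameters file at all. The script then still continues into the "Write configurations to template files" step with whatever `DHPath` held before; its earlier value and how the templates use it are outside this hunk, so whether that path still exists should be confirmed. I would drop the up-front `rm`, generate into a temporary file in the same directory, require both a zero exit status and a non-empty file, and only then move it into place and set `DHPath`, so the previous file survives any failure. The rewritten lines are below.

```shell
    # generate into a temporary file so the existing dhparam.pem survives a failure
    dh_tmp=$(mktemp /etc/ssl/certs/dhparam.pem.XXXXXX)
    # require a zero exit status from openssl as well as a non-empty file
    if [ -n "${dh_tmp}" ] && openssl dhparam -out "${dh_tmp}" 4096 && [ -s "${dh_tmp}" ]; then
        chmod 644 "${dh_tmp}"   # mktemp creates the file with mode 0600
        mv -f "${dh_tmp}" /etc/ssl/certs/dhparam.pem
        # … unchanged: success message and DHPath assignment …
    else
        rm -f -- "${dh_tmp}"
        # … unchanged: error messages …
    fi
```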
@@ -646,25 +665,6 @@ echo -e "\n${mag}---------------------${norm}"
 echo -e "${cyan}...Template files updated${norm}"
-# notify user and generate DHParms if necessary, otherwise end reporting section
-
-if [ "${generateDH}" -eq 1 ]; then
- echo -e "\n${mag}---------------------${norm}"
- echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
- # delete existing (likely default) dhparam.pem
- rm -f /etc/ssl/certs/dhparam.pem
- # generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
- openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
- # verify non-zero length file generated
- if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
- echo -e "${ok}-- dhparam.pem generated --${norm}"
- else
- echo -e "${err}-- error generating dhparam.pem --"
- echo -e "you should manaully generate this file${norm}"
- fi
-fi
-
-
 # debug section
 echo -e "\n${mag}---------------------${norm}"