moved generateDH section and added missing DHPath after generate
This commit is contained in:
Asif Bacchus
parent
b8111c1711
commit
4b54ba596c
4
.vscode/numbered-bookmarks.json
vendored
4
.vscode/numbered-bookmarks.json
vendored
@ -10,9 +10,9 @@
|
|||||||
-1,
|
-1,
|
||||||
-1,
|
-1,
|
||||||
-1,
|
-1,
|
||||||
|
607,
|
||||||
-1,
|
-1,
|
||||||
-1,
|
630
|
||||||
-1
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|||||||
38
setup.sh
38
setup.sh
@ -584,6 +584,25 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### notify user and generate DHParms if necessary
|
||||||
|
if [ "${generateDH}" -eq 1 ]; then
|
||||||
|
echo -e "\n${mag}---------------------${norm}"
|
||||||
|
echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
|
||||||
|
# delete existing (likely default) dhparam.pem
|
||||||
|
rm -f /etc/ssl/certs/dhparam.pem
|
||||||
|
# generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
|
||||||
|
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
|
||||||
|
# verify non-zero length file generated
|
||||||
|
if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
|
||||||
|
echo -e "${ok}-- dhparam.pem generated --${norm}"
|
||||||
|
# set DHParam to proper location
|
||||||
|
DHPath='/etc/ssl/certs/dhparam.pem'
|
||||||
|
else
|
||||||
|
echo -e "${err}-- error generating dhparam.pem --"
|
||||||
|
echo -e "you should manaully generate this file${norm}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
### Write configurations to template files
|
### Write configurations to template files
|
||||||
# let user know what's happening
|
# let user know what's happening
|
||||||
echo -e "\n${mag}---------------------${norm}"
|
echo -e "\n${mag}---------------------${norm}"
|
||||||
@ -646,25 +665,6 @@ echo -e "\n${mag}---------------------${norm}"
|
|||||||
echo -e "${cyan}...Template files updated${norm}"
|
echo -e "${cyan}...Template files updated${norm}"
|
||||||
|
|
||||||
|
|
||||||
# notify user and generate DHParms if necessary, otherwise end reporting section
|
|
||||||
|
|
||||||
if [ "${generateDH}" -eq 1 ]; then
|
|
||||||
echo -e "\n${mag}---------------------${norm}"
|
|
||||||
echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
|
|
||||||
# delete existing (likely default) dhparam.pem
|
|
||||||
rm -f /etc/ssl/certs/dhparam.pem
|
|
||||||
# generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
|
|
||||||
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
|
|
||||||
# verify non-zero length file generated
|
|
||||||
if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
|
|
||||||
echo -e "${ok}-- dhparam.pem generated --${norm}"
|
|
||||||
else
|
|
||||||
echo -e "${err}-- error generating dhparam.pem --"
|
|
||||||
echo -e "you should manaully generate this file${norm}"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# debug section
|
# debug section
|
||||||
echo -e "\n${mag}---------------------${norm}"
|
echo -e "\n${mag}---------------------${norm}"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user