moved generateDH section and added missing DHPath after generate

This commit is contained in:
Asif Bacchus 2019-01-06 01:51:55 -07:00
parent b8111c1711
commit 4b54ba596c
2 changed files with 21 additions and 21 deletions

View File

@ -10,9 +10,9 @@
-1, -1,
-1, -1,
-1, -1,
607,
-1, -1,
-1, 630
-1
] ]
} }
] ]

View File

@ -584,6 +584,25 @@ fi
### notify user and generate DHParms if necessary
if [ "${generateDH}" -eq 1 ]; then
echo -e "\n${mag}---------------------${norm}"
echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
# delete existing (likely default) dhparam.pem
rm -f /etc/ssl/certs/dhparam.pem
# generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
# verify non-zero length file generated
if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
echo -e "${ok}-- dhparam.pem generated --${norm}"
# set DHParam to proper location
DHPath='/etc/ssl/certs/dhparam.pem'
else
echo -e "${err}-- error generating dhparam.pem --"
echo -e "you should manaully generate this file${norm}"
fi
fi
### Write configurations to template files ### Write configurations to template files
# let user know what's happening # let user know what's happening
echo -e "\n${mag}---------------------${norm}" echo -e "\n${mag}---------------------${norm}"
@ -646,25 +665,6 @@ echo -e "\n${mag}---------------------${norm}"
echo -e "${cyan}...Template files updated${norm}" echo -e "${cyan}...Template files updated${norm}"
# notify user and generate DHParms if necessary, otherwise end reporting section
if [ "${generateDH}" -eq 1 ]; then
echo -e "\n${mag}---------------------${norm}"
echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
# delete existing (likely default) dhparam.pem
rm -f /etc/ssl/certs/dhparam.pem
# generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
# verify non-zero length file generated
if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
echo -e "${ok}-- dhparam.pem generated --${norm}"
else
echo -e "${err}-- error generating dhparam.pem --"
echo -e "you should manaully generate this file${norm}"
fi
fi
# debug section # debug section
echo -e "\n${mag}---------------------${norm}" echo -e "\n${mag}---------------------${norm}"