moved generateDH section and added missing DHPath after generate

2019-01-06 01:51:55 -07:00 · 2019-01-06 01:51:55 -07:00 · 4b54ba596c
commit 4b54ba596c
parent b8111c1711
2 changed files with 21 additions and 21 deletions
--- a/.vscode/numbered-bookmarks.json
+++ b/.vscode/numbered-bookmarks.json
@ -10,9 +10,9 @@
 				-1,
 				-1,
 				-1,
+				607,
 				-1,
-				-1,
-				-1
+				630
 			]
 		}
 	]
--- a/setup.sh
+++ b/setup.sh
@ -584,6 +584,25 @@ fi



+### notify user and generate DHParms if necessary
+if [ "${generateDH}" -eq 1 ]; then
+    echo -e "\n${mag}---------------------${norm}"
+    echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
+    # delete existing (likely default) dhparam.pem
+    rm -f /etc/ssl/certs/dhparam.pem
+    # generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
+    openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
+    # verify non-zero length file generated
+    if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
+        echo -e "${ok}-- dhparam.pem generated --${norm}"
+        # set DHParam to proper location
+        DHPath='/etc/ssl/certs/dhparam.pem'
+    else
+        echo -e "${err}-- error generating dhparam.pem --"
+        echo -e "you should manaully generate this file${norm}"
+    fi
+fi
+
 ### Write configurations to template files
 # let user know what's happening
 echo -e "\n${mag}---------------------${norm}"
@ -646,25 +665,6 @@ echo -e "\n${mag}---------------------${norm}"
 echo -e "${cyan}...Template files updated${norm}"


-# notify user and generate DHParms if necessary, otherwise end reporting section
-
-if [ "${generateDH}" -eq 1 ]; then
-    echo -e "\n${mag}---------------------${norm}"
-    echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
-    # delete existing (likely default) dhparam.pem
-    rm -f /etc/ssl/certs/dhparam.pem
-    # generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
-    openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
-    # verify non-zero length file generated
-    if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
-        echo -e "${ok}-- dhparam.pem generated --${norm}"
-    else
-        echo -e "${err}-- error generating dhparam.pem --"
-        echo -e "you should manaully generate this file${norm}"
-    fi
-fi
-
-

 # debug section
 echo -e "\n${mag}---------------------${norm}"