diff --git a/.vscode/numbered-bookmarks.json b/.vscode/numbered-bookmarks.json
index faf81f5..80980ce 100644
--- a/.vscode/numbered-bookmarks.json
+++ b/.vscode/numbered-bookmarks.json
@@ -11,7 +11,7 @@ -1, -1, -1, - 636, + 659, 625 ] }
diff --git a/setup.sh b/setup.sh
index d7f58ac..7835387 100644
--- a/setup.sh
+++ b/setup.sh
@@ -373,7 +373,7 @@ fi
 # dhparam: get location of DH Parameters file
 echo -e "\n${mag}Having your own unique Diffie-Hellman Parameters file makes your SSL"
 echo "communication more secure by helping to generate unique safe large prime"
-echo "numbers. You shouldn't use any pre-installed dhparams.pem files. You should"
+echo "numbers. You shouldn't use any pre-installed dhparam.pem files. You should"
 echo "always generate your own. If you haven't done that already and would like this"
 echo -e "script to do it for you, please type ${warn}generate${mag} at the prompt instead"
 echo -e "of a path${norm}\n"
@@ -578,7 +578,7 @@ fi
 ### Write configurations to template files
 # let user know what's happening
 echo -e "\n${mag}---------------------${norm}"
-echo -e "${cyan}Updating template files now"
+echo -e "${cyan}Updating template files now...${norm}"
 # copy template files to working versions
 echo "copying files to dedicated directory for customization"
@@ -638,6 +638,25 @@ echo -e "${cyan}...Template files updated${norm}"
 echo -e "\n${mag}---------------------${norm}"
+# notify user and generate DHParms if necessary, otherwise end reporting section
+
+if [ "${generateDH}" -eq 1 ]; then
+ echo -e "${cyan}Generating DH-Parameters file... this may take a while${norm}"
+ # delete existing (likely default) dhparam.pem
+ rm -f /etc/ssl/certs/dhparam.pem
+ # generate 4096-bit DHParams and store in /etc/ssl/certs/dhparam.pem
+ openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
+ # verify non-zero length file generated
+ if [ -s "/etc/ssl/certs/dhparam.pem" ]; then
+ echo -e "${ok}-- dhparam.pem generated --${normal}"
+ else
+ echo -e "${err}-- error generating dhparam.pem --"
+ echo -e "you should manaully generate this file${norm}"
+ fi
+
+
+
+
 # debug section
 echo -e "\n${mag}---------------------${norm}"
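Review bot: The added block deletes `/etc/ssl/certs/dhparam.pem` before a replacement exists and then accepts any non-empty file, so a failed or interrupted `openssl dhparam` run can leave the host with no parameters file, or with a partial one that still passes the `-s` test. Writing to a temporary file in the same directory, checking openssl's exit status together with `openssl dhparam -check`, and only then moving the result into place keeps the previous file until a valid one is ready. The outer `if [ "${generateDH}" -eq 1 ]; then` has no matching `fi` among the added lines (only the inner test is closed), so unless one follows outside this hunk the debug section is pulled into the conditional and the script will not parse. The success message also resets colour with `${normal}` where the rest of the script uses `${norm}`, and "manaully" in the error text should read "manually".

```shell
if [ "${generateDH}" -eq 1 ]; then
    # … unchanged: "Generating DH-Parameters file" message …
    # build the new file beside the target; the old one stays until this one checks out
    dhTmp=$(mktemp /etc/ssl/certs/dhparam.pem.XXXXXX)
    if [ -n "${dhTmp}" ] \
        && openssl dhparam -out "${dhTmp}" 4096 \
        && openssl dhparam -in "${dhTmp}" -check -noout; then
        # mktemp creates the file 0600; DH parameters are public
        chmod 644 "${dhTmp}"
        mv -f "${dhTmp}" /etc/ssl/certs/dhparam.pem
        echo -e "${ok}-- dhparam.pem generated --${norm}"
    else
        rm -f "${dhTmp}"
        echo -e "${err}-- error generating dhparam.pem --"
        echo -e "you should manually generate this file${norm}"
    fi
fi  # closes the generateDH test
```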