]>
Commit | Line | Data |
---|---|---|
cbfc12b3 AS |
1 | #!/bin/bash |
2 | # Install the generated key and host certificate as well as the CA certificates | |
3 | # as TLS credentials for the Apache2-based OpenXPKI web server. | |
4 | # | |
5 | # Copyright (C) 2023 Andreas Steffen | |
6 | # | |
7 | # Permission is hereby granted, free of charge, to any person obtaining a copy | |
8 | # of this software and associated documentation files (the "Software"), to deal | |
9 | # in the Software without restriction, including without limitation the rights | |
10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
11 | # copies of the Software, and to permit persons to whom the Software is | |
12 | # furnished to do so, subject to the following conditions: | |
13 | # | |
14 | # The above copyright notice and this permission notice shall be included in | |
15 | # all copies or substantial portions of the Software. | |
16 | # | |
17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |
23 | # THE SOFTWARE. | |
24 | # | |
25 | set -e | |
26 | ||
27 | ############################################################################## | |
28 | # Set local paths | |
29 | # | |
30 | ||
31 | # Path to the OpenXPKI TLS credentials | |
32 | OPENXPKI_TLS="/etc/openxpki/tls" | |
33 | ||
34 | ############################################################################## | |
35 | # Change into the certificates directory | |
36 | # | |
37 | cd $CERTDIR | |
38 | ||
39 | ############################################################################## | |
40 | # Install the private key and certificate | |
41 | # | |
42 | cp $HOSTKEY $OPENXPKI_TLS/private/openxpki.pem | |
43 | cp $HOSTCERT $OPENXPKI_TLS/endentity/openxpki.crt | |
44 | ||
45 | ############################################################################## | |
46 | # Install and rehash the CA certificates | |
47 | # | |
48 | cp $ROOTCA $SUBCA $OPENXPKI_TLS/chain | |
49 | if [ -s old/$ROOTCA ] | |
50 | then | |
51 | cp old/$ROOTCA $OPENXPKI_TLS/chain/$OLDROOTCA | |
52 | fi | |
53 | if [ -s old/$SUBCA ] | |
54 | then | |
55 | cp old/$SUBCA $OPENXPKI_TLS/chain/$OLDSUBCA | |
56 | fi | |
57 | ||
58 | rm $OPENXPKI_TLS/*.0 | |
59 | ||
60 | /usr/bin/openssl rehash $OPENXPKI_TLS | |
61 | ||
62 | ############################################################################## | |
63 | # Restart the apache2 systemd service | |
64 | # | |
65 | /usr/bin/systemctl restart apache2.service | |
66 | exit 0 |