projects / thirdparty / strongswan.git / blame
| Commit | Line | Data |
|---|---|---|
| cbfc12b3 AS |
1 | #!/bin/bash |
| 2 | # Install the generated key and host certificate as well as the CA certificates | |
| 3 | # as TLS credentials for the Apache2-based OpenXPKI web server. | |
| 4 | # | |
| 5 | # Copyright (C) 2023 Andreas Steffen | |
| 6 | # | |
| 7 | # Permission is hereby granted, free of charge, to any person obtaining a copy | |
| 8 | # of this software and associated documentation files (the "Software"), to deal | |
| 9 | # in the Software without restriction, including without limitation the rights | |
| 10 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| 11 | # copies of the Software, and to permit persons to whom the Software is | |
| 12 | # furnished to do so, subject to the following conditions: | |
| 13 | # | |
| 14 | # The above copyright notice and this permission notice shall be included in | |
| 15 | # all copies or substantial portions of the Software. | |
| 16 | # | |
| 17 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
| 18 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
| 19 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
| 20 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
| 21 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
| 22 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |
| 23 | # THE SOFTWARE. | |
| 24 | # | |
| 25 | set -e | |
| 26 | ||
| 27 | ############################################################################## | |
| 28 | # Set local paths | |
| 29 | # | |
| 30 | ||
| 31 | # Path to the OpenXPKI TLS credentials | |
| 32 | OPENXPKI_TLS="/etc/openxpki/tls" | |
| 33 | ||
| 34 | ############################################################################## | |
| 35 | # Change into the certificates directory | |
| 36 | # | |
| 37 | cd $CERTDIR | |
| 38 | ||
| 39 | ############################################################################## | |
| 40 | # Install the private key and certificate | |
| 41 | # | |
| 42 | cp $HOSTKEY $OPENXPKI_TLS/private/openxpki.pem | |
| 43 | cp $HOSTCERT $OPENXPKI_TLS/endentity/openxpki.crt | |
| 44 | ||
| 45 | ############################################################################## | |
| 46 | # Install and rehash the CA certificates | |
| 47 | # | |
| 48 | cp $ROOTCA $SUBCA $OPENXPKI_TLS/chain | |
| 49 | if [ -s old/$ROOTCA ] | |
| 50 | then | |
| 51 | cp old/$ROOTCA $OPENXPKI_TLS/chain/$OLDROOTCA | |
| 52 | fi | |
| 53 | if [ -s old/$SUBCA ] | |
| 54 | then | |
| 55 | cp old/$SUBCA $OPENXPKI_TLS/chain/$OLDSUBCA | |
| 56 | fi | |
| 57 | ||
| 58 | rm $OPENXPKI_TLS/*.0 | |
| 59 | ||
| 60 | /usr/bin/openssl rehash $OPENXPKI_TLS | |
| 61 | ||
| 62 | ############################################################################## | |
| 63 | # Restart the apache2 systemd service | |
| 64 | # | |
| 65 | /usr/bin/systemctl restart apache2.service | |
| 66 | exit 0 |