This repository has been archived by the owner on Apr 18, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 100
/
https.changed
executable file
·69 lines (54 loc) · 2.01 KB
/
https.changed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/bin/bash
#Steps to generate keys.
# cd /opt/keys/
# ./exp_key generate key file
# cp -rf server.key server.key.secure
# ./exp_sec avoid typing password
# ./exp_csr generate request file
# ./exp_crt generate certificate file
function _generate_keys() {
mkdir -p /tmp/__keys
for n in exp_key exp_sec exp_csr exp_crt; do
cp -rf /usr/local/bin/keys/$n /tmp/__keys
chmod 755 /tmp/__keys/$n
done
mkdir -p /tmp/__keys
cd /tmp/__keys/
for n in `ls`; do
sed -i "s,%PASSWORD%,$VSM_HTTPS_PASSWORD,g" $n
done
# Here we generate keys.
./exp_key
cp -rf server.key server.key.secure
./exp_sec
./exp_csr
openssl x509 -req -days 7000 -in server.csr -signkey server.key -out server.crt
mkdir -p /etc/apache2/keys/
rm -rf /etc/apache2/keys/*
cp -rf * /etc/apache2/keys/
# then we begin to set http configurations.
sed -i "s,/etc/ssl/certs/ssl-cert-snakeoil.pem,/etc/apache2/keys/server.crt,g" /etc/apache2/sites-enabled/default-ssl.conf
sed -i "s,/etc/ssl/private/ssl-cert-snakeoil.key,/etc/apache2/keys/server.key,g" /etc/apache2/sites-enabled/default-ssl.conf
sed -i "s,Listen 80,#Listen 80,g" /etc/apache2/ports.conf
service apache2 reload
service apache2 restart
rm -rf /tmp/__keys
}
function setup_https() {
old_dir=`pwd`
host_name=`hostname`
# grep -e "^ServerName $hostname$" /etc/apache2/apache2.conf
if [ `grep -e "^ServerName $hostname$" /etc/apache2/apache2.conf |wc -l` -lt 1 ]; then
echo "ServerName $host_name" >> /etc/apache2/apache2.conf
fi
sed -i "s,%HOSTNAME%,$host_name,g" /usr/local/bin/keys/exp_csr
#service apache2 restart
service apache2 stop
service apache2 start
a2dissite default-ssl
rm -rf /etc/apache2/sites-enabled/default-ssl.conf
a2enmod ssl
a2ensite default-ssl
_generate_keys
cd $old_dir
}