summaryrefslogtreecommitdiffstats
path: root/installer
diff options
context:
space:
mode:
authorRamón M. Gómez <ramongomez@us.es>2019-06-13 11:05:35 +0200
committerRamón M. Gómez <ramongomez@us.es>2019-06-13 11:05:35 +0200
commit505085017506c883ba0d38feaeca66ef7a327a63 (patch)
tree4c8deea8aebd548104ff4aa34b7202dceb7d951f /installer
parent676dd3cbc175b4840b66315269458c9f12f9ea51 (diff)
#802: Creating certificate to sign boot loaders.
Diffstat (limited to 'installer')
-rwxr-xr-xinstaller/opengnsys_installer.sh16
-rwxr-xr-xinstaller/opengnsys_update.sh20
2 files changed, 33 insertions, 3 deletions
diff --git a/installer/opengnsys_installer.sh b/installer/opengnsys_installer.sh
index 66cf0ad8..b62b0f50 100755
--- a/installer/opengnsys_installer.sh
+++ b/installer/opengnsys_installer.sh
@@ -1376,6 +1376,7 @@ function copyInterfaceAdm ()
return $hayErrores
}
+
####################################################################
### Funciones instalacion cliente opengnsys
####################################################################
@@ -1409,6 +1410,18 @@ function copyClientFiles()
}
+# Crear certificados para la firma de cargadores de arranque.
+function createCerts ()
+{
+ local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
+ echoAndLog "${FUNCNAME}(): creating certificate files"
+ mkdir -p $SSLCFGDIR/{certs,private}
+ openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
+ openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
+ echoAndLog "${FUNCNAME}(): certificate successfully created"
+}
+
+
# Crear cliente OpenGnsys.
function clientCreate()
{
@@ -1803,6 +1816,9 @@ if [ $? -ne 0 ]; then
errorAndLog "Error creating client structure"
fi
+# Crear certificado para firmar cargadores
+createCerts
+
# Crear la estructura del cliente de OpenGnsys.
for i in $OGLIVE; do
if ! clientCreate "$i"; then
diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh
index 1e58bfe6..f8cee6eb 100755
--- a/installer/opengnsys_update.sh
+++ b/installer/opengnsys_update.sh
@@ -169,7 +169,7 @@ function autoConfigure()
:
fi
for service in apache2 httpd; do
- [ -d /etc/$service ] && APACHECFGDIR="/etc/$service"
+ [ -d "/etc/$service" ] && APACHECFGDIR="/etc/$service"
if $SERVICESTATUS &>/dev/null; then APACHESERV="$service"; fi
done
for service in dhcpd dhcpd3-server isc-dhcp-server; do
@@ -546,6 +546,19 @@ EOT
echoAndLog "${FUNCNAME}(): client files successfully updated"
}
+# Crear certificado para la firma de cargadores de arranque, si es necesario.
+function createCerts ()
+{
+ local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
+ mkdir -p $SSLCFGDIR/{certs,private}
+ if [ ! -f $SSLCFGDIR/private/opengnsys.key ]; then
+ echoAndLog "${FUNCNAME}(): creating certificate files"
+ openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
+ openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
+ echoAndLog "${FUNCNAME}(): certificate successfully created"
+ fi
+}
+
# Configurar HTTPS y exportar usuario y grupo del servicio Apache.
function apacheConfiguration ()
{
@@ -1215,11 +1228,12 @@ fi
# Configurar Rsync.
rsyncConfigure
-# Actualizar ficheros del cliente
+# Actualizar ficheros del cliente.
updateClientFiles
+createCerts
updateInterfaceAdm
-# Actualizar páqinas web
+# Actualizar páqinas web.
apacheConfiguration
updateWebFiles
if [ $? -ne 0 ]; then