From de9f85c916db4515bd81f2a000d7fb57f8e0f46a Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Fri, 30 Apr 2021 12:33:52 +0200 Subject: Use openssl generated cert The SSL certificate generate using make-ssl-cert seems to not work well with a our plugins. Causing a "CN could not be found" error to be shown. Using an OpenSSL generated certifiticate, seems to work better. Signed-off-by: Jacob Hansen diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 3693acc..a74f346 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -41,8 +41,12 @@ cat /etc/hosts # apache a2enmod ssl a2ensite default-ssl -make-ssl-cert generate-default-snakeoil --force-overwrite -service apache2 start +# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones +# seems to cause problems with our plugins +rm /etc/ssl/certs/ssl-cert-snakeoil.pem +rm /etc/ssl/private/ssl-cert-snakeoil.key +openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)" +service apache2 restart # squid cp tools/squid.conf /etc/squid/squid.conf -- cgit v0.10-9-g596f