Commit e46e55de authored by Tollef Fog Heen's avatar Tollef Fog Heen

* Make the default SSL cert have a lifetime of 10 years rather than 30

  days.  Closes: 293821

git-svn-id: svn+ssh://svn.debian.org/svn/pkg-apache/trunk/ssl-cert@577 01b336ce-410b-0410-9a02-a0e7f243c266
parent 5d76a93c
......@@ -24,6 +24,8 @@ ssl-cert (1.0.15) UNRELEASED; urgency=low
* German. Closes: #447921
* French. Closes: #448226
* Do getent group rather than getent passwd in postinst. Closes: 444902
* Make the default SSL cert have a lifetime of 10 years rather than 30
days. Closes: 293821
-- Tollef Fog Heen <tfheen@debian.org> Sun, 10 Feb 2008 20:22:54 +0100
......
......@@ -115,13 +115,13 @@ create_temporary_cnf
export RANDFILE=/dev/random
if [ "$1" != "generate-default-snakeoil" ]; then
openssl req -config $TMPFILE -new -x509 -nodes -out $output -keyout $output > /dev/null 2>&1
openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -out $output -keyout $output > /dev/null 2>&1
chmod 600 $output
# hash symlink
cd $(dirname $output)
ln -sf $(basename $output) $(openssl x509 -hash -noout -in $output)
else
openssl req -config $TMPFILE -new -x509 -nodes \
openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
-out /etc/ssl/certs/ssl-cert-snakeoil.pem \
-keyout /etc/ssl/private/ssl-cert-snakeoil.key > /dev/null 2>&1
chmod 644 /etc/ssl/certs/ssl-cert-snakeoil.pem
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment