procedures:internal_ca
Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentesRévision précédente | |||
| procedures:internal_ca [2023/02/10 09:06] – gizmo | procedures:internal_ca [2023/02/10 13:45] (Version actuelle) – gizmo | ||
|---|---|---|---|
| Ligne 47: | Ligne 47: | ||
| echo "Valid fqdn, generate certificate for ${FQDN}" | echo "Valid fqdn, generate certificate for ${FQDN}" | ||
| openssl genrsa -out ${DEST_CERT}/ | openssl genrsa -out ${DEST_CERT}/ | ||
| + | chmod 0644 ${DEST_CERT}/ | ||
| openssl req -new -key " | openssl req -new -key " | ||
| -sha512 \ | -sha512 \ | ||
| Ligne 104: | Ligne 105: | ||
| root / | root / | ||
| autoindex on; | autoindex on; | ||
| - | index | ||
| - | location ~\.(sh|srl|csr)$ { | + | location ~\.key { |
| - | deny all; | + | |
| - | return 403; | + | |
| - | } | + | |
| - | location ~\.(key)$ { | + | |
| allow 172.17.0.63; | allow 172.17.0.63; | ||
| deny all; | deny all; | ||
| - | return 403; | + | } |
| - | } | + | |
| + | location ~\.(sh|srl|csr)$ { | ||
| + | deny all; | ||
| + | } | ||
| } | } | ||
| } | } | ||
| ``` | ``` | ||
procedures/internal_ca.1676020006.txt.gz · Dernière modification : 2023/02/10 09:06 de gizmo