installation correcte des clés SSL
parent
42652130b1
commit
57c9605e83
20
lib/reset
20
lib/reset
|
@ -2,7 +2,7 @@
|
|||
# initial configuration of slapd
|
||||
|
||||
set -e
|
||||
LDIFDIR=/usr/share/slapd-supann/
|
||||
LDIFDIR=/usr/share/slapd-supann
|
||||
SERVICE="/usr/sbin/service slapd"
|
||||
|
||||
echo ""
|
||||
|
@ -44,12 +44,6 @@ fi
|
|||
mkdir -p /etc/ldap/slapd.d
|
||||
mkdir /var/lib/ldap/config-accesslog/ /var/lib/ldap/meta/
|
||||
|
||||
if [ ! -f /var/lib/ldap/ssl.pem -a ! -f /var/lib/ssl.key ]; then
|
||||
echo -n "Installation des certificats SSL par défaut .."
|
||||
cp ${LDIFDIR}/ssl.pem ${LDIFDIR}/ssl.key /var/lib/ldap
|
||||
echo "ok"
|
||||
fi
|
||||
|
||||
echo -n "Installation de la nouvelle configuration .. "
|
||||
slapadd -n0 -F/etc/ldap/slapd.d -l${LDIFDIR}/config.ldif
|
||||
echo "ok"
|
||||
|
@ -65,6 +59,18 @@ echo "ok"
|
|||
|
||||
chown -R openldap:openldap /etc/ldap/slapd.d /var/lib/ldap
|
||||
|
||||
if [ ! -s /etc/ldap/ssl/slapd.pem -o ! -s /etc/ldap/ssl/slapd.key ]; then
|
||||
echo "Pose de certificats SSL par défaut (invalides)"
|
||||
mkdir -p /etc/ldap/ssl
|
||||
cp -v ${LDIFDIR}/ssl.pem /etc/ldap/ssl/slapd.pem
|
||||
cp -v ${LDIFDIR}/ssl.key /etc/ldap/ssl/slapd.key
|
||||
chown -R root:openldap /etc/ldap/ssl
|
||||
chmod 0755 /etc/ldap/ssl
|
||||
chmod 0644 /etc/ldap/ssl/slapd.pem
|
||||
chmod 0640 /etc/ldap/ssl/slapd.key
|
||||
echo "ok"
|
||||
fi
|
||||
|
||||
${SERVICE} start
|
||||
|
||||
echo "Installation de la racine du méta-annuaire (o=meta) .. "
|
||||
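Review bot: In the `/etc/ldap/ssl` block (read here as the added side, since the page has lost its +/- markers), `cp -v ${LDIFDIR}/ssl.key /etc/ldap/ssl/slapd.key` creates the private key with whatever mode the umask allows and only narrows it with `chmod 0640` three commands later, so the key can briefly be world-readable inside a 0755 directory. Creating it with its final owner and mode in one step closes that window: `install -m 0640 -o root -g openldap "${LDIFDIR}/ssl.key" /etc/ldap/ssl/slapd.key`. The key is also copied from the package's data directory, so it is presumably identical on every host that installs the package; the message already calls the certificates invalid, but a comment such as `# placeholder key shipped with the package: replace it before enabling TLS for clients` would make that explicit, and generating a per-host key here would be better still. The guard `[ ! -s … -o ! -s … ]` also overwrites an existing certificate when only the key is missing, and `-o` is obsolescent, so two tests joined with `||` would read more clearly.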
|
|
|
@ -6,8 +6,8 @@ olcPidFile: /var/run/slapd/slapd.pid
|
|||
olcToolThreads: 1
|
||||
olcLogLevel: none
|
||||
olcServerId: 1
|
||||
olcTLSCertificateFile: /var/lib/ldap/ssl.pem
|
||||
olcTLSCertificateKeyFile: /var/lib/ldap/ssl.key
|
||||
olcTLSCertificateFile: /etc/ldap/ssl/slapd.pem
|
||||
olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.key
|
||||
|
||||
dn: cn=module{0},cn=config
|
||||
objectClass: olcModuleList
|
||||
|
|