Ticket #1552: install_ssl.patch
File install_ssl.patch, 16.0 KB (added by joaquim.ferraz, 13 years ago) |
---|
-
debian/arqs-conf/etc/apache2/sites-available/default
diff -NEbaur -x '\.svn' doc-expressolivre/debian/arqs-conf/etc/apache2/sites-available/default doc-expressolivre_alt/debian/arqs-conf/etc/apache2/sites-available/default
old new 76 76 SSLCertificateFile /etc/apache2/ssl/server.crt 77 77 SSLCertificateKeyFile /etc/apache2/ssl/server.key.pem 78 78 SSLCACertificatePath /etc/apache2/ssl 79 SSLCACertificateFile /etc/apache2/ssl/cacert.pem80 79 81 80 SSLVerifyClient none 82 81 SSLVerifyDepth 10 -
debian/arqs-conf/etc/apache2/sites-available/default.lenny
diff -NEbaur -x '\.svn' doc-expressolivre/debian/arqs-conf/etc/apache2/sites-available/default.lenny doc-expressolivre_alt/debian/arqs-conf/etc/apache2/sites-available/default.lenny
old new 76 76 SSLCertificateFile /etc/apache2/ssl/server.crt 77 77 SSLCertificateKeyFile /etc/apache2/ssl/server.key.pem 78 78 SSLCACertificatePath /etc/apache2/ssl 79 SSLCACertificateFile /etc/apache2/ssl/cacert.pem80 79 81 80 SSLVerifyClient none 82 81 SSLVerifyDepth 10 -
debian/arqs-conf/etc/apache2/ssl/cacert.pem
diff -NEbaur -x '\.svn' doc-expressolivre/debian/arqs-conf/etc/apache2/ssl/cacert.pem doc-expressolivre_alt/debian/arqs-conf/etc/apache2/ssl/cacert.pem
old new 1 -----BEGIN CERTIFICATE-----2 MIIDJTCCAo6gAwIBAgIJANV53TwcuDSoMA0GCSqGSIb3DQEBBQUAMGsxCzAJBgNV3 BAYTAkJSMQwwCgYDVQQIEwNSR1MxFTATBgNVBAcTDFBPUlRPIEFMRUdSRTERMA8G4 A1UEChMIRVhQUkVTU08xETAPBgNVBAsTCEVYUFJFU1NPMREwDwYDVQQDEwhFWFBS5 RVNTTzAeFw0wOTA0MTYxOTA0MjlaFw0xMDA0MTYxOTA0MjlaMGsxCzAJBgNVBAYT6 AkJSMQwwCgYDVQQIEwNSR1MxFTATBgNVBAcTDFBPUlRPIEFMRUdSRTERMA8GA1UE7 ChMIRVhQUkVTU08xETAPBgNVBAsTCEVYUFJFU1NPMREwDwYDVQQDEwhFWFBSRVNT8 TzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAohiBR27FKKL7e9GiqAmdg1py9 uYI6tl8xEAxhUScrog5BzPCZgM0+ArqLLbpwyCqcVuxzhrp6YrnuI2CItArAIQvB10 5Sm04uKKoYjCEl/BsmvRbvEmUYCkmWXo2YBK4vsxEuRaNWxfD6r/0JCHJFU+4oDa11 z0na7H1Xylzpf0Eick8CAwEAAaOB0DCBzTAdBgNVHQ4EFgQUAmp9kXNtu8kt3wIZ12 2hyy8K39TRwwgZ0GA1UdIwSBlTCBkoAUAmp9kXNtu8kt3wIZ2hyy8K39TRyhb6Rt13 MGsxCzAJBgNVBAYTAkJSMQwwCgYDVQQIEwNSR1MxFTATBgNVBAcTDFBPUlRPIEFM14 RUdSRTERMA8GA1UEChMIRVhQUkVTU08xETAPBgNVBAsTCEVYUFJFU1NPMREwDwYD15 VQQDEwhFWFBSRVNTT4IJANV53TwcuDSoMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN16 AQEFBQADgYEAStkZPzZLGh5RkajmG+IsXOJVe7sxTzlPo1hMW/WDzbRxcXIVPkYY17 OdxOIXYAn35XCAOBBXzh1FNpEX/TVMngIeOnvjbcsxwcTMLUVVs4nQGy+V+sL6qf18 CR6sEzpVZIcHXOFeKK7To1T2V3Pltj6yTQ4lDA4IKXl+Clj1Pl6anrw=19 -----END CERTIFICATE----- -
debian/arqs-conf/etc/apache2/ssl/server.crt
diff -NEbaur -x '\.svn' doc-expressolivre/debian/arqs-conf/etc/apache2/ssl/server.crt doc-expressolivre_alt/debian/arqs-conf/etc/apache2/ssl/server.crt
old new 1 Certificate:2 Data:3 Version: 3 (0x2)4 Serial Number: 1 (0x1)5 Signature Algorithm: sha1WithRSAEncryption6 Issuer: C=BR, ST=RGS, L=PORTO ALEGRE, O=EXPRESSO, OU=EXPRESSO, CN=EXPRESSO7 Validity8 Not Before: Apr 16 19:41:53 2009 GMT9 Not After : Apr 16 19:41:53 2010 GMT10 Subject: C=BR, ST=RGS, O=EXPRESSO, OU=SERVIDOR-EXPRESSO, CN=SERVIDOR-EXPRESSO11 Subject Public Key Info:12 Public Key Algorithm: rsaEncryption13 RSA Public Key: (1024 bit)14 Modulus (1024 bit):15 00:d2:99:0d:00:ac:cd:36:9c:3b:ad:33:6e:2c:95:16 f6:1e:00:ad:f6:7b:f9:44:0e:68:10:40:68:3f:76:17 4e:3c:48:b0:37:51:ad:cc:8f:0c:dd:b1:a7:de:93:18 6a:1b:d0:b5:b0:ec:4e:69:84:aa:38:15:6b:5d:df:19 96:af:79:4a:c6:eb:4a:0b:65:c6:9c:6e:86:d2:52:20 60:77:73:17:23:6c:a7:cd:96:16:26:5f:a8:12:e4:21 66:b1:30:a6:c3:74:75:b8:a4:10:0b:1a:05:86:5e:22 87:b2:86:7d:49:37:b9:27:d4:f8:3c:ea:cc:0d:06:23 49:e9:ca:26:77:89:04:bd:eb24 Exponent: 65537 (0x10001)25 X509v3 extensions:26 X509v3 Basic Constraints:27 CA:FALSE28 Netscape Comment:29 OpenSSL Generated Certificate30 X509v3 Subject Key Identifier:31 72:BB:25:9C:5C:00:19:68:10:14:7A:E0:B9:07:75:B0:63:51:05:D232 X509v3 Authority Key Identifier:33 keyid:02:6A:7D:91:73:6D:BB:C9:2D:DF:02:19:DA:1C:B2:F0:AD:FD:4D:1C34 35 Signature Algorithm: sha1WithRSAEncryption36 98:b0:61:1b:10:4d:e6:37:f9:a6:ce:d5:3b:d5:9b:bb:7e:28:37 73:52:dd:b1:88:6a:f1:a1:9d:96:6b:db:b7:89:3a:f9:e6:f5:38 fb:b2:a6:2e:6f:4e:77:ed:62:f9:e2:18:03:55:9f:06:43:26:39 c1:50:5c:10:f8:41:ee:f1:93:38:f5:5f:0a:de:2d:a6:52:5f:40 48:07:0c:9c:fc:4b:3a:95:15:ed:9a:4f:b3:0b:fa:87:51:f9:41 7b:87:c4:1b:9f:77:f0:fd:99:64:4e:91:9e:29:42:49:78:31:42 0f:b5:f9:91:7d:2f:0e:9d:0b:66:84:59:3d:bc:c7:45:82:16:43 39:cf44 -----BEGIN CERTIFICATE-----45 MIICwjCCAiugAwIBAgIBATANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQGEwJCUjEM46 MAoGA1UECBMDUkdTMRUwEwYDVQQHEwxQT1JUTyBBTEVHUkUxETAPBgNVBAoTCEVY47 UFJFU1NPMREwDwYDVQQLEwhFWFBSRVNTTzERMA8GA1UEAxMIRVhQUkVTU08wHhcN48 MDkwNDE2MTk0MTUzWhcNMTAwNDE2MTk0MTUzWjBmMQswCQYDVQQGEwJCUjEMMAoG49 A1UECBMDUkdTMREwDwYDVQQKEwhFWFBSRVNTTzEaMBgGA1UECxMRU0VSVklET1It50 RVhQUkVTU08xGjAYBgNVBAMTEVNFUlZJRE9SLUVYUFJFU1NPMIGfMA0GCSqGSIb351 DQEBAQUAA4GNADCBiQKBgQDSmQ0ArM02nDutM24slfYeAK32e/lEDmgQQGg/dk4852 SLA3Ua3Mjwzdsafek2ob0LWw7E5phKo4FWtd35aveUrG60oLZcacbobSUmB3cxcj53 bKfNlhYmX6gS5GaxMKbDdHW4pBALGgWGXoeyhn1JN7kn1Pg86swNBknpyiZ3iQS954 6wIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl55 bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcrslnFwAGWgQFHrguQd1sGNR56 BdIwHwYDVR0jBBgwFoAUAmp9kXNtu8kt3wIZ2hyy8K39TRwwDQYJKoZIhvcNAQEF57 BQADgYEAmLBhGxBN5jf5ps7VO9Wbu34oc1LdsYhq8aGdlmvbt4k6+eb1+7KmLm9O58 d+1i+eIYA1WfBkMmwVBcEPhB7vGTOPVfCt4tplJfSAcMnPxLOpUV7ZpPswv6h1H559 e4fEG5938P2ZZE6RnilCSXgxD7X5kX0vDp0LZoRZPbzHRYIWOc8=60 -----END CERTIFICATE----- -
debian/arqs-conf/etc/apache2/ssl/server.key.pem
diff -NEbaur -x '\.svn' doc-expressolivre/debian/arqs-conf/etc/apache2/ssl/server.key.pem doc-expressolivre_alt/debian/arqs-conf/etc/apache2/ssl/server.key.pem
old new 1 -----BEGIN RSA PRIVATE KEY-----2 MIICXQIBAAKBgQDSmQ0ArM02nDutM24slfYeAK32e/lEDmgQQGg/dk48SLA3Ua3M3 jwzdsafek2ob0LWw7E5phKo4FWtd35aveUrG60oLZcacbobSUmB3cxcjbKfNlhYm4 X6gS5GaxMKbDdHW4pBALGgWGXoeyhn1JN7kn1Pg86swNBknpyiZ3iQS96wIDAQAB5 AoGADV1XHObacw/BHcG4yS2PG+JRJ+ZAMFh1tCpSM0zPtDWssSYG0Id3eo4uqApU6 3oUFMsAcTcf0gXCiiqeIyYP6Ab4XzIS0AhtjHuzLPkvhq8F+3N8AN2bloEgquJp37 wTjV/MUGcZKxgdIxFyEPetz2iXAlv6doSXHTUhsHUsgNxOECQQD63BUxRIDzzWiZ8 AZexYYqLVBQki3J69AuaTOQUbfdTWDsDcGwGpYjZGnvK+jZL9C7/b7KWwO0ub5Qb9 EiNSE6TRAkEA1unE7n1hIiKWmgeWAhiY3rQn4OLiPGo3EUl1I5YR1TUHQn7WlpoA10 3RV7DBv6FnZ3h7fy1gwuDhiB+xI/cq0V+wJBAPCtiJOdMs82St1Jft1LRR4Jy82I11 EIzQafVfQhArtPe8ldnl2W7DELmixBRo3QEgRJsD8mbasHQ1zvXt//82I5ECQQCa12 kJpf47CeOj4SHW6Xp1Uapnsf1E1dog5k0m364A2HR5InEs4GllAUsURD20MsMJua13 8oMlyrC81od1KRSUx0NNAkBvIBEwaDvN+xM+FAOOT5R1C7oT85XCHECpttSnLsG514 VhlBmCxoH4qZnziSHbypS3SWn804PTtXSyb2LLFf1Ti/15 -----END RSA PRIVATE KEY----- -
debian/expressoInstallDebian-lenny-es.sh
diff -NEbaur -x '\.svn' doc-expressolivre/debian/expressoInstallDebian-lenny-es.sh doc-expressolivre_alt/debian/expressoInstallDebian-lenny-es.sh
old new 72 72 cp ./arqs-conf/etc/apache2/apache2.conf.lenny /etc/apache2/apache2.conf 73 73 cp ./arqs-conf/etc/apache2/sites-available/default.lenny /etc/apache2/sites-available/expresso 74 74 cp ./arqs-conf/etc/apache2/ports.conf.lenny /etc/apache2/ports.conf 75 cp -r -p ./arqs-conf/etc/apache2/ssl/ /etc/apache2/76 75 77 76 cp ./arqs-conf/etc/php5/apache2/php.ini /etc/php5/apache2/ 78 77 mkdir /php_sessions/ || { echo "Diretório já existe. [OK]"; } 79 chmod -R 77 7/php_sessions/78 chmod -R 770 /php_sessions/ 80 79 81 80 a2ensite expresso 82 81 a2dissite default … … 84 83 # Linha adicionada para resolver alguns warnings quando "apache2ctl configtest" 85 84 HOST=`hostname` ; mv /etc/hosts /etc/hosts.ori ; echo 127.0.0.1 $DOMAIN localhost $HOST > /etc/hosts ; cat /etc/hosts.ori >> /etc/hosts ; rm /etc/hosts.ori 86 85 86 # Gerando certificado digital para o Apache(HTTPS) 87 INFOCERTIFICADO=' 88 Informacoes para o certificado digital 89 90 FAVOR NAO USAR ACENTOS E CARACTERES ESPECIAIS!!! 91 92 6 (seis) perguntas serao feitas a voce. 93 - Escolha um pais. 94 - Escolha um estado. 95 - Escolha uma cidade. 96 - Escolha uma empresa. 97 - Escolha uma senha para o certificado. 98 - Escolha o tempo de expiracao do certificado. 99 100 Com estas informacoes o script podera 101 gerar e instalar o certificado digital 102 no servidor no Apache. 103 ' 104 105 dialog --backtitle "$BACKTITLE" \ 106 --cr-wrap \ 107 --msgbox "$INFOCERTIFICADO" \ 108 20 55 && 109 110 COUNTRY=$( dialog --stdout --inputbox 'Digite as duas letras do pais, (ex.: BR)' 0 55 ) 111 STATE=$( dialog --stdout --inputbox 'Digite o nome do estado, (ex.: Pernambuco)' 0 55 ) 112 CITY=$( dialog --stdout --inputbox 'Digite o nome da cidade, (ex.: Recife)' 0 55 ) 113 COMPANY=$( dialog --stdout --inputbox 'Digite o nome da empresa, (ex.: ATI-PE)' 0 55 ) 114 PASSCERT=$( dialog --stdout --inputbox 'Digite a senha do certificado com no minimo 4 digitos' 0 70 ) 115 EXPIRESCERT=$( dialog --stdout --inputbox 'Digite o numero de dias para a expiracao do certificado, (ex.: 1 ano eh igual a 365)' 0 100 ) 116 117 openssl req -passout pass:$PASSCERT -subj "/C=$COUNTRY/ST=$STATE/L=$CITY/O=$COMPANY" -new > new.cert.csr 118 openssl rsa -passin pass:$PASSCERT -in privkey.pem -out new.cert.key 119 openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days $EXPIRESCERT 120 121 mv new.cert.cert /etc/apache2/ssl/server.crt 122 mv new.cert.key /etc/apache2/ssl/server.key.pem 123 rm new.cert.csr 124 rm privkey.pem 125 # Fim do gerando certificado digital para o Apache(HTTPS) 126 87 127 /etc/init.d/apache2 restart 88 128 89 129 ############################################################################################ -
debian/expressoInstallDebian-lenny.sh
diff -NEbaur -x '\.svn' doc-expressolivre/debian/expressoInstallDebian-lenny.sh doc-expressolivre_alt/debian/expressoInstallDebian-lenny.sh
old new 71 71 cp ./arqs-conf/etc/apache2/apache2.conf.lenny /etc/apache2/apache2.conf 72 72 cp ./arqs-conf/etc/apache2/sites-available/default.lenny /etc/apache2/sites-available/expresso 73 73 cp ./arqs-conf/etc/apache2/ports.conf.lenny /etc/apache2/ports.conf 74 cp -r -p ./arqs-conf/etc/apache2/ssl/ /etc/apache2/75 74 76 75 cp ./arqs-conf/etc/php5/apache2/php.ini /etc/php5/apache2/ 77 76 mkdir /php_sessions/ || { echo "Diretório já existe. [OK]"; } 78 chmod -R 77 7/php_sessions/77 chmod -R 770 /php_sessions/ 79 78 80 79 a2ensite expresso 81 80 a2dissite default … … 83 82 # Linha adicionada para resolver alguns warnings quando "apache2ctl configtest" 84 83 HOST=`hostname` ; mv /etc/hosts /etc/hosts.ori ; echo 127.0.0.1 $DOMAIN localhost $HOST > /etc/hosts ; cat /etc/hosts.ori >> /etc/hosts ; rm /etc/hosts.ori 85 84 85 # Gerando certificado digital para o Apache(HTTPS) 86 INFOCERTIFICADO=' 87 Informacoes para o certificado digital 88 89 FAVOR NAO USAR ACENTOS E CARACTERES ESPECIAIS!!! 90 91 6 (seis) perguntas serao feitas a voce. 92 - Escolha um pais. 93 - Escolha um estado. 94 - Escolha uma cidade. 95 - Escolha uma empresa. 96 - Escolha uma senha para o certificado. 97 - Escolha o tempo de expiracao do certificado. 98 99 Com estas informacoes o script podera 100 gerar e instalar o certificado digital 101 no servidor no Apache. 102 ' 103 104 dialog --backtitle "$BACKTITLE" \ 105 --cr-wrap \ 106 --msgbox "$INFOCERTIFICADO" \ 107 20 55 && 108 109 COUNTRY=$( dialog --stdout --inputbox 'Digite as duas letras do pais, (ex.: BR)' 0 55 ) 110 STATE=$( dialog --stdout --inputbox 'Digite o nome do estado, (ex.: Pernambuco)' 0 55 ) 111 CITY=$( dialog --stdout --inputbox 'Digite o nome da cidade, (ex.: Recife)' 0 55 ) 112 COMPANY=$( dialog --stdout --inputbox 'Digite o nome da empresa, (ex.: ATI-PE)' 0 55 ) 113 PASSCERT=$( dialog --stdout --inputbox 'Digite a senha do certificado com no minimo 4 digitos' 0 70 ) 114 EXPIRESCERT=$( dialog --stdout --inputbox 'Digite o numero de dias para a expiracao do certificado, (ex.: 1 ano eh igual a 365)' 0 100 ) 115 116 openssl req -passout pass:$PASSCERT -subj "/C=$COUNTRY/ST=$STATE/L=$CITY/O=$COMPANY" -new > new.cert.csr 117 openssl rsa -passin pass:$PASSCERT -in privkey.pem -out new.cert.key 118 openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days $EXPIRESCERT 119 120 mv new.cert.cert /etc/apache2/ssl/server.crt 121 mv new.cert.key /etc/apache2/ssl/server.key.pem 122 rm new.cert.csr 123 rm privkey.pem 124 # Fim do gerando certificado digital para o Apache(HTTPS) 125 86 126 /etc/init.d/apache2 restart 87 127 88 128 ############################################################################################ -
debian/expressoInstallDebian-squeeze.sh
diff -NEbaur -x '\.svn' doc-expressolivre/debian/expressoInstallDebian-squeeze.sh doc-expressolivre_alt/debian/expressoInstallDebian-squeeze.sh
old new 66 66 cp ./arqs-conf/etc/apache2/apache2.conf.lenny /etc/apache2/apache2.conf 67 67 cp ./arqs-conf/etc/apache2/sites-available/default.lenny /etc/apache2/sites-available/expresso 68 68 cp ./arqs-conf/etc/apache2/ports.conf.lenny /etc/apache2/ports.conf 69 cp -r -p ./arqs-conf/etc/apache2/ssl/ /etc/apache2/70 69 71 70 cp ./arqs-conf/etc/php5/apache2/php.ini /etc/php5/apache2/ 72 71 mkdir /php_sessions/ || { echo "Diretorio ja existe. [OK]"; } … … 78 77 # Linha adicionada para resolver alguns warnings quando "apache2ctl configtest" 79 78 HOST=`hostname` ; mv /etc/hosts /etc/hosts.ori ; echo 127.0.0.1 $DOMAIN localhost $HOST > /etc/hosts ; cat /etc/hosts.ori >> /etc/hosts ; rm /etc/hosts.ori 80 79 80 # Gerando certificado digital para o Apache(HTTPS) 81 INFOCERTIFICADO=' 82 Informacoes para o certificado digital 83 84 FAVOR NAO USAR ACENTOS E CARACTERES ESPECIAIS!!! 85 86 6 (seis) perguntas serao feitas a voce. 87 - Escolha um pais. 88 - Escolha um estado. 89 - Escolha uma cidade. 90 - Escolha uma empresa. 91 - Escolha uma senha para o certificado. 92 - Escolha o tempo de expiracao do certificado. 93 94 Com estas informacoes o script podera 95 gerar e instalar o certificado digital 96 no servidor no Apache. 97 ' 98 99 dialog --backtitle "$BACKTITLE" \ 100 --cr-wrap \ 101 --msgbox "$INFOCERTIFICADO" \ 102 20 55 && 103 104 COUNTRY=$( dialog --stdout --inputbox 'Digite as duas letras do pais, (ex.: BR)' 0 55 ) 105 STATE=$( dialog --stdout --inputbox 'Digite o nome do estado, (ex.: Pernambuco)' 0 55 ) 106 CITY=$( dialog --stdout --inputbox 'Digite o nome da cidade, (ex.: Recife)' 0 55 ) 107 COMPANY=$( dialog --stdout --inputbox 'Digite o nome da empresa, (ex.: ATI-PE)' 0 55 ) 108 PASSCERT=$( dialog --stdout --inputbox 'Digite a senha do certificado com no minimo 4 digitos' 0 70 ) 109 EXPIRESCERT=$( dialog --stdout --inputbox 'Digite o numero de dias para a expiracao do certificado, (ex.: 1 ano eh igual a 365)' 0 100 ) 110 111 openssl req -passout pass:$PASSCERT -subj "/C=$COUNTRY/ST=$STATE/L=$CITY/O=$COMPANY" -new > new.cert.csr 112 openssl rsa -passin pass:$PASSCERT -in privkey.pem -out new.cert.key 113 openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days $EXPIRESCERT 114 115 mv new.cert.cert /etc/apache2/ssl/server.crt 116 mv new.cert.key /etc/apache2/ssl/server.key.pem 117 rm new.cert.csr 118 rm privkey.pem 119 # Fim do gerando certificado digital para o Apache(HTTPS) 120 81 121 /etc/init.d/apache2 restart 82 122 83 123 ############################################################################################