Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Developers' Forum

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th February 2011, 05:47
LaKing LaKing is offline
Junior Member
 
Join Date: Aug 2010
Posts: 13
Thanks: 0
Thanked 3 Times in 2 Posts
 
Wink Suggestion: Certificate self signing hard-coded, maybe worth to split.

Hi there. ...

I use my own CA to sign my SSL certificates, so I have a slightly modified apache2_plugin.inc.php

Code:
//exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file");

// HERE comes the only important modification. We sign the CRT file with our own CA!

exec("openssl ca -batch -out $crt_file -config /etc/pki/CA-lab/openssl.cnf -passin pass:$cert_password -in $csr_file");
(It looks better to have the 4 calls separated with 4 exec calls. )

To make the code clean and update friendly, IMO this call should be stored in some external config-like file, that does not get overwritten in an update.

What is the main developer's opinion on this?

Greetings and respect! ..
Reply With Quote
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3 - CentOS 5.4 - SSL Problems!?! owainbaber Installation/Configuration 4 26th July 2011 17:12
SSL client certificates teves Installation/Configuration 6 26th February 2011 06:20
Is my postfix is hacked? bzzik Server Operation 21 15th July 2009 14:13
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59


All times are GMT +2. The time now is 23:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.