haskal
/
jiti-meet
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

debian: add SAN when generating self-signed certs 

Closes: #5547
This commit is contained in:
egerardus 2020-06-23 05:47:36 -07:00 committed by GitHub
parent 01a8cc1478
commit 76eabf1f29
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
debian/jitsi-meet-web-config.postinst vendored
View File

@ -91,10 +91,14 @@ case "$1" in
CERT_CRT="/etc/jitsi/meet/$JVB_HOSTNAME.crt" CERT_CRT="/etc/jitsi/meet/$JVB_HOSTNAME.crt"
HOST="$( (hostname -s; echo localhost) | head -n 1)" HOST="$( (hostname -s; echo localhost) | head -n 1)"
DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)" DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)"
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \ openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj \
"/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \ "/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \
-keyout $CERT_KEY \ -keyout $CERT_KEY \
-out $CERT_CRT -out $CERT_CRT \
-reqexts SAN \
-extensions SAN \
-config <(cat /etc/ssl/openssl.cnf \
<(printf '[SAN]\nsubjectAltName=DNS:localhost,DNS:$JVB_HOSTNAME,IP:$JVB_HOSTNAME')) \
fi fi
fi fi