Fix #31 auto-generating SSL certs

pull/1/head
Jason Kendall 2020-02-24 21:09:08 -05:00
parent 33d55638f9
commit 89caffc58e
4 changed files with 7 additions and 7 deletions

View File

@ -52,7 +52,7 @@ Finally, copy any changes you make outside of the container for commiting to you
### Production
- Use docker-compose, or some other config management tool
- Directory volume mount SSL Certs `./ssl`: `/etc/ssl`
- Directory volume mount SSL Certs `./ssl`: `/etc/ssl/certs`
- Certificate File: `cert.pem`
- Certificate Key File: `key.pem`

View File

@ -35,7 +35,7 @@ services:
- "./server-configs/:/var/www/MISP/app/Config/"
- "./logs/:/var/www/MISP/app/tmp/logs/"
- "./files/:/var/www/MISP/app/files"
- "./ssl/:/etc/ssl/"
- "./ssl/:/etc/ssl/certs"
environment:
- "CRON_USER_ID=1"
- "REDIS_FQDN=redis"

View File

@ -55,9 +55,9 @@ init_misp_files(){
}
init_ssl() {
if [[ (! -f /etc/ssl/cert.pem) ||
(! -f /etc/ssl/key.pem) ]]; then
cd /etc/ssl
if [[ (! -f /etc/ssl/certs/cert.pem) || (! -f /etc/ssl/certs/key.pem) ]];
then
cd /etc/ssl/certs
openssl req -x509 -subj '/CN=localhost' -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
fi
}

View File

@ -21,8 +21,8 @@ server {
log_not_found off;
error_log /dev/stderr error;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/certs/key.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;