Navigation


Changeset 509:f82bf741cd10 in freeDiameter


Ignore:
Timestamp:
Aug 20, 2010, 11:45:40 AM (14 years ago)
Author:
Sebastien Decugis <sdecugis@nict.go.jp>
Branch:
default
Phase:
public
Message:

Improved the postinst script to generate a CSR also

File:
1 edited

Legend:

Unmodified
Added
Removed
  • contrib/OpenWRT/packages/freeDiameter/Makefile

    r508 r509  
    171171   echo "signing_key"                           >>/tmp/template.cnf
    172172   echo "encryption_key"                        >>/tmp/template.cnf
     173   certtool -q --load-privkey /etc/freeDiameter/freeDiameter.key \
     174               --outfile /etc/freeDiameter/freeDiameter.csr \
     175               --template /tmp/template.cnf
    173176   certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \
    174177               --outfile /etc/freeDiameter/freeDiameter.pem \
     
    176179   rm -f /tmp/template.cnf
    177180   echo "Done."
    178    echo "============================================================"
     181   echo "========================================================================"
    179182   echo "To enable TLS communication, you should either:"
    180183   echo "  - use a real certificate signed by your server's CA"
    181    echo "  - or, copy the two peers certificates in a ca.pem file and "
    182    echo "    add this file in freeDiameter configuration."
    183    echo "============================================================"
     184   echo "      (CSR provided in /etc/freeDiameter/freeDiameter.csr)"
     185   echo "  - or, copy the two certificates (client & server) in a ca.pem file and "
     186   echo "    add this file in both freeDiameter configurations (as TLS_CA)."
     187   echo "========================================================================"
    184188fi
    185189endef
Note: See TracChangeset for help on using the changeset viewer.