cluster-devel.redhat.com archive mirror
 help / color / mirror / Atom feed
* [Cluster-devel] conga luci/init.d/luci luci/utils/luci_admin r ...
@ 2007-01-11  0:24 kupcevic
  0 siblings, 0 replies; 2+ messages in thread
From: kupcevic @ 2007-01-11  0:24 UTC (permalink / raw)
  To: cluster-devel.redhat.com

CVSROOT:	/cvs/cluster
Module name:	conga
Branch: 	RHEL5
Changes by:	kupcevic at sourceware.org	2007-01-11 00:23:59

Modified files:
	luci/init.d    : luci 
	luci/utils     : luci_admin 
	ricci/init.d   : ricci 
	ricci/test     : INSTALL 

Log message:
	increase certs' lifes to 5 years (from 3)

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/init.d/luci.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.11&r2=1.11.2.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_admin.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.50.2.1&r2=1.50.2.2
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/init.d/ricci.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.8.2.1&r2=1.8.2.2
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/test/INSTALL.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=1.2&r2=1.2.2.1

--- conga/luci/init.d/luci	2006/10/05 15:01:39	1.11
+++ conga/luci/init.d/luci	2007/01/11 00:23:58	1.11.2.1
@@ -67,7 +67,7 @@
     rm -f $HTTPS_PRIVKEY $HTTPS_PUBKEY
     echo -n "generating https SSL certificates...  "
     /usr/bin/openssl genrsa -out $HTTPS_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1825 -config /var/lib/luci/var/certs/cacert.config
     /bin/chown $LUCI_USER:$LUCI_GROUP $HTTPS_PRIVKEY $HTTPS_PUBKEY
     /bin/chmod 600 $HTTPS_PRIVKEY
     /bin/chmod 644 $HTTPS_PUBKEY
--- conga/luci/utils/luci_admin	2006/12/22 17:50:17	1.50.2.1
+++ conga/luci/utils/luci_admin	2007/01/11 00:23:59	1.50.2.2
@@ -996,9 +996,9 @@
     args = [command, 'genrsa', '-out', SSL_PRIVKEY_PATH, '2048']
     _execWithCaptureErrorStatus(command, args)
     
-    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1825 -config /var/lib/luci/var/certs/cacert.config
     command = '/usr/bin/openssl'
-    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1095', '-config', SSL_KEYCONFIG_PATH]
+    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1825', '-config', SSL_KEYCONFIG_PATH]
     _execWithCaptureErrorStatus(command, args)
     
     # take ownership and restrict access
--- conga/ricci/init.d/ricci	2006/10/24 21:59:55	1.8.2.1
+++ conga/ricci/init.d/ricci	2007/01/11 00:23:59	1.8.2.2
@@ -58,7 +58,7 @@
     rm -f $SSL_PUBKEY $SSL_PRIVKEY
     echo -n "generating SSL certificates...  "
     /usr/bin/openssl genrsa -out $SSL_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1095 -config /var/lib/ricci/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1825 -config /var/lib/ricci/certs/cacert.config
     /bin/chown $RUNASUSER:$RUNASUSER $SSL_PRIVKEY $SSL_PUBKEY
     /bin/chmod 644 $SSL_PUBKEY
     /bin/chmod 600 $SSL_PRIVKEY
--- conga/ricci/test/INSTALL	2006/03/28 15:46:58	1.2
+++ conga/ricci/test/INSTALL	2007/01/11 00:23:59	1.2.2.1
@@ -6,7 +6,7 @@
 
 2. Generate SSL key and certificate:
 	openssl genrsa -out privkey.pem 2048
-	openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
+	openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1825
 	and move them to /usr/share/ricci-storage-web/certs/
 
 3. chmod a+x /var/www/cgi-bin/ricci-storage-web



^ permalink raw reply	[flat|nested] 2+ messages in thread
* [Cluster-devel] conga luci/init.d/luci luci/utils/luci_admin r ...
@ 2007-01-18  3:02 rmccabe
  0 siblings, 0 replies; 2+ messages in thread
From: rmccabe @ 2007-01-18  3:02 UTC (permalink / raw)
  To: cluster-devel.redhat.com

CVSROOT:	/cvs/cluster
Module name:	conga
Changes by:	rmccabe at sourceware.org	2007-01-18 03:02:39

Modified files:
	luci/init.d    : luci 
	luci/utils     : luci_admin 
	ricci          : ricci.spec.in.in 
	ricci/init.d   : ricci 
	ricci/test_suite: generate_certs.sh 

Log message:
	bump the certificate lifetime to 5 years (from 3) to match the settings in the -RHEL5 branch

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/init.d/luci.diff?cvsroot=cluster&r1=1.13&r2=1.14
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_admin.diff?cvsroot=cluster&r1=1.51&r2=1.52
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/ricci.spec.in.in.diff?cvsroot=cluster&r1=1.12&r2=1.13
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/init.d/ricci.diff?cvsroot=cluster&r1=1.9&r2=1.10
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/test_suite/generate_certs.sh.diff?cvsroot=cluster&r1=1.1&r2=1.2

--- conga/luci/init.d/luci	2006/11/02 00:46:49	1.13
+++ conga/luci/init.d/luci	2007/01/18 03:02:38	1.14
@@ -67,7 +67,7 @@
     rm -f $HTTPS_PRIVKEY $HTTPS_PUBKEY
     echo -n "generating https SSL certificates...  "
     /usr/bin/openssl genrsa -out $HTTPS_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1825 -config /var/lib/luci/var/certs/cacert.config
     /bin/chown $LUCI_USER:$LUCI_GROUP $HTTPS_PRIVKEY $HTTPS_PUBKEY
     /bin/chmod 600 $HTTPS_PRIVKEY
     /bin/chmod 644 $HTTPS_PUBKEY
--- conga/luci/utils/luci_admin	2006/12/21 21:32:00	1.51
+++ conga/luci/utils/luci_admin	2007/01/18 03:02:38	1.52
@@ -996,9 +996,9 @@
     args = [command, 'genrsa', '-out', SSL_PRIVKEY_PATH, '2048']
     _execWithCaptureErrorStatus(command, args)
     
-    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1095 -config /var/lib/luci/var/certs/cacert.config
+    # /usr/bin/openssl req -new -x509 -key /var/lib/luci/var/certs/privkey.pem -out /var/lib/luci/var/certs/cacert.pem -days 1825 -config /var/lib/luci/var/certs/cacert.config
     command = '/usr/bin/openssl'
-    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1095', '-config', SSL_KEYCONFIG_PATH]
+    args = [command, 'req', '-new', '-x509', '-key', SSL_PRIVKEY_PATH, '-out', SSL_PUBKEY_PATH, '-days', '1825', '-config', SSL_KEYCONFIG_PATH]
     _execWithCaptureErrorStatus(command, args)
     
     # take ownership and restrict access
--- conga/ricci/ricci.spec.in.in	2006/05/26 22:17:35	1.12
+++ conga/ricci/ricci.spec.in.in	2007/01/18 03:02:38	1.13
@@ -85,7 +85,7 @@
 if [ ! -e /var/lib/ricci/certs/privkey.pem ]; then
 	/usr/bin/openssl genrsa -out /var/lib/ricci/certs/privkey.pem 2048 > /dev/null 2>&1
 	/usr/bin/openssl req -new -x509 -key /var/lib/ricci/certs/privkey.pem \
-	-out /var/lib/ricci/certs/cacert.pem -days 1095 -config /var/lib/ricci/certs/cacert.config
+	-out /var/lib/ricci/certs/cacert.pem -days 1825 -config /var/lib/ricci/certs/cacert.config
 	/bin/chown -R ricci:ricci /var/lib/ricci/certs/*
 	/bin/chmod 644 /var/lib/ricci/certs/*
 	/bin/chmod 400 /var/lib/ricci/certs/privkey.pem
--- conga/ricci/init.d/ricci	2006/10/24 21:54:29	1.9
+++ conga/ricci/init.d/ricci	2007/01/18 03:02:38	1.10
@@ -58,7 +58,7 @@
     rm -f $SSL_PUBKEY $SSL_PRIVKEY
     echo -n "generating SSL certificates...  "
     /usr/bin/openssl genrsa -out $SSL_PRIVKEY 2048 > /dev/null 2>&1
-    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1095 -config /var/lib/ricci/certs/cacert.config
+    /usr/bin/openssl req -new -x509 -key $SSL_PRIVKEY -out $SSL_PUBKEY -days 1825 -config /var/lib/ricci/certs/cacert.config
     /bin/chown $RUNASUSER:$RUNASUSER $SSL_PRIVKEY $SSL_PUBKEY
     /bin/chmod 644 $SSL_PUBKEY
     /bin/chmod 600 $SSL_PRIVKEY
--- conga/ricci/test_suite/generate_certs.sh	2006/10/27 19:30:30	1.1
+++ conga/ricci/test_suite/generate_certs.sh	2007/01/18 03:02:39	1.2
@@ -1,5 +1,5 @@
 #!/bin/bash
 
 /usr/bin/openssl genrsa -out privkey.pem 2048
-/usr/bin/openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 -config cacert.config
+/usr/bin/openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1825 -config cacert.config
 chmod go-rwx *.pem



^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-01-18  3:02 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-01-11  0:24 [Cluster-devel] conga luci/init.d/luci luci/utils/luci_admin r kupcevic
  -- strict thread matches above, loose matches on Subject: below --
2007-01-18  3:02 rmccabe

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).