diff --git a/VM_OPENSSL_APACHE.sh b/VM_OPENSSL_APACHE.sh index c1fc501..d07b308 100644 --- a/VM_OPENSSL_APACHE.sh +++ b/VM_OPENSSL_APACHE.sh @@ -20,6 +20,7 @@ cp ca/serial $CA_DIR cp ca/dh2048.pem $CA_DIR # correr oscp +killall openssl 2>/dev/null openssl ocsp -index $CA_DIR/index.txt -port 8888 -rsigner $CA_DIR/ca.crt -rkey $CA_DIR/ca.key -CA $CA_DIR/ca.crt -text & @@ -29,7 +30,7 @@ cp ca/ca.crt /etc/httpd/ssl/ cp ca/apache.crt /etc/httpd/ssl/ cp ca/apache.key /etc/httpd/ssl/ cp conf/ssl.conf /etc/httpd/conf.d/ssl.conf -cp conf/httpd-pam /etc/pam.d/httpd-totp +cp conf/httpd-totp /etc/pam.d/httpd-totp # NOTA(vasco) é preciso desativar home protection outra vez mkdir -p /etc/systemd/system/httpd.service.d diff --git a/conf/httpd-pam b/conf/httpd-totp similarity index 100% rename from conf/httpd-pam rename to conf/httpd-totp diff --git a/conf/httpd.conf b/conf/httpd.conf index e69de29..9419f2d 100644 --- a/conf/httpd.conf +++ b/conf/httpd.conf @@ -0,0 +1 @@ +# LoadModule authnz_pam_module modules/mod_authnz_pam.so \ No newline at end of file diff --git a/conf/ssl.conf b/conf/ssl.conf index 8aec562..54751bc 100644 --- a/conf/ssl.conf +++ b/conf/ssl.conf @@ -1,6 +1,6 @@ Listen 443 https - ServerName 10.60.0.2 + ServerName 10.60.0.1 DocumentRoot /var/www/html SSLEngine on diff --git a/user.p12 b/user.p12 new file mode 100644 index 0000000..a96e002 Binary files /dev/null and b/user.p12 differ
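Review bot: The added `killall openssl 2>/dev/null` matches every process named openssl on the host, not only the OCSP responder this script starts, and the redirect hides any failure. It also returns without waiting for the old process to exit, so the `openssl ocsp ... -port 8888` on the next line can lose the race for the port and die in the background unnoticed. A narrower match such as `pkill -f 'openssl ocsp' || true`, followed by a check that port 8888 is free, would limit this to the responder. Separately, the context line shows the responder signing with `$CA_DIR/ca.key` itself; a delegated OCSP-signing certificate would keep the CA key out of a long-running, network-facing process.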
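Review bot: The only line added to conf/httpd.conf is a commented-out `LoadModule authnz_pam_module`, so as written the file loads nothing, and none of the visible hunks install it under /etc/httpd. If the TOTP step behind /etc/pam.d/httpd-totp depends on mod_authnz_pam, confirm the module is loaded elsewhere; otherwise the PAM directives will presumably be rejected when httpd starts. Either uncomment the line or say why it is disabled, for example `# Disabled on purpose: mod_authnz_pam is loaded from <module config file>`, and end the file with a newline.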
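Review bot: `ServerName` moves to 10.60.0.1 while ca/apache.crt is not touched by this commit, so check that the certificate carries the new address as an IP subjectAltName. If it was issued for 10.60.0.2, clients that verify the host will report a name mismatch, and the usual workaround of disabling verification defeats the TLS setup. A comment above the directive such as `# must match the subjectAltName in /etc/httpd/ssl/apache.crt` would keep the two in step. The virtual-host block continues outside the hunk.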
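Review bot: user.p12 is added as a tracked binary, and a PKCS#12 bundle normally carries a private key together with its certificate, so that key now sits in the repository history protected at best by the export passphrase. If this is the client credential for the certificate login (an inference from the file name), generate it at provisioning time and keep it out of version control with a `*.p12` entry in `.gitignore`. If the key is used anywhere beyond a throwaway lab, revoke the certificate in the CA index served by the OCSP responder and issue a new one.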