浏览代码

Merge pull request #11272 from Michael-Gardner/HPCC-19804

HPCC-19804 Add public key alongside certificates

Reviewed-By: Russ Whitehead <william.whitehead@lexisnexis.com>
Reviewed-By: Richard Chapman <rchapman@hpccsystems.com>
Richard Chapman 7 年之前
父节点
当前提交
f31f802a20
共有 1 个文件被更改,包括 15 次插入2 次删除
  1. 15 2
      initfiles/bash/etc/init.d/install-init.in

+ 15 - 2
initfiles/bash/etc/init.d/install-init.in

@@ -239,14 +239,27 @@ if [ ! -d ${homePath}/certificate ]; then
     mkdir -p ${homePath}/certificate
 fi
 
+if [ ! -e ${homePath}/certificate/key.pem ]; then
+    ssh-keygen -t rsa -N hpccsystems-platform -f ${homePath}/certificate/key.pem \
+        1>/dev/null 2>&1
+    ssh-keygen -f ${homePath}/certificate/key.pem.pub -e -m PEM > ${homePath}/certificate/key.pub
+    chmod 0644 ${homePath}/certificate/key.pub
+    rm -f ${homePath}/certificate/key.pem.pub
+    printf "RSA key installed for user %-28s ..." "$user"
+    log_success_msg
+else
+    printf "RSA keys are already installed for user %-15s ..." "$user"
+    log_success_msg
+fi
+
 if [ ! -e ${homePath}/certificate/certificate.pem ]; then
-    openssl req -newkey rsa:2048 -keyout ${homePath}/certificate/key.pem -x509 \
+    openssl req -new -key ${homePath}/certificate/key.pem -keyform PEM -x509 \
         -days 365 -out ${homePath}/certificate/certificate.pem -passin \
         pass:hpccsystems-platform -passout pass:hpccsystems-platform -batch 1>/dev/null 2>&1
     printf "Self Signed Certificate installed for user %-12s ..." "$user"
     log_success_msg
 else
-    printf "Self Signed Certificate already installed for user %-12s ..." "$user"
+    printf "Self Signed Certificate already installed for %-9s ..." "$user"
     log_success_msg
 fi