mirror of
https://github.com/laurivosandi/certidude
synced 2025-09-13 00:31:03 +00:00
Several updates #4
* Improved offline install docs * Migrated token mechanism backend to SQL * Preliminary token mechanism frontend integration * Add clock skew tolerance for OCSP * Add 'ldap computer filter' support for Kerberized machine enroll * Include OCSP and CRL URL-s in certificates, controlled by profile.conf * Better certificate extension handling * Place DH parameters file in /etc/ssl/dhparam.pem * Always talk to CA over port 8443 for 'certidude enroll' * Hardened frontend nginx config * Separate log files for frontend nginx * Better provisioning heuristics * Add sample site.sh config for LEDE image builder * Add more device profiles for LEDE image builder * Various bugfixes and improvements
This commit is contained in:
@@ -29,9 +29,7 @@ AUTHORITY=$(hostname -f)
|
||||
mkdir -p $OVERLAY/etc/config
|
||||
mkdir -p $OVERLAY/etc/uci-defaults
|
||||
mkdir -p $OVERLAY/etc/certidude/authority/$AUTHORITY/
|
||||
cp /var/lib/certidude/$AUTHORITY/ca_cert.pem $OVERLAY/etc/certidude/authority/$AUTHORITY/
|
||||
|
||||
echo /etc/certidude >> $OVERLAY/etc/sysupgrade.conf
|
||||
cp /var/lib/certidude/ca_cert.pem $OVERLAY/etc/certidude/authority/$AUTHORITY/
|
||||
|
||||
cat <<EOF > $OVERLAY/etc/config/certidude
|
||||
|
||||
|
||||
Reference in New Issue
Block a user