mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Added instructions for automating certificate management on Ubuntu
This commit is contained in:
parent
0a92589f41
commit
e6817b0c81
30
README.rst
30
README.rst
@ -313,3 +313,33 @@ Set permissions:
|
||||
.. code:: bash
|
||||
|
||||
chmod 700 /etc/cron.hourly/update-certidude-user-whitelist
|
||||
|
||||
|
||||
Automating certificate setup
|
||||
----------------------------
|
||||
|
||||
Ubuntu 14.04 based desktops come with NetworkManager installed.
|
||||
Create ``/etc/NetworkManager/dispatcher.d/certidude`` with following content:
|
||||
|
||||
.. code:: bash
|
||||
|
||||
#!/bin/sh -e
|
||||
# Set up certificates for IPSec connection
|
||||
|
||||
case "$2" in
|
||||
up)
|
||||
LANG=C.UTF-8 /usr/local/bin/certidude setup strongswan networkmanager http://ca.example.org/api/laptops/ gateway.example.org
|
||||
;;
|
||||
esac
|
||||
|
||||
Finally make it executable:
|
||||
|
||||
.. code:: bash
|
||||
|
||||
chmod +x /etc/NetworkManager/dispatcher.d/certidude
|
||||
|
||||
Whenever a wired or wireless connection is brought up,
|
||||
the dispatcher invokes ``certidude`` in order to generate RSA keys,
|
||||
submit CSR, fetch signed certificate,
|
||||
create NetworkManager configuration for the VPN connection and
|
||||
finally to bring up the VPN tunnel as well.
|
||||
|
Loading…
Reference in New Issue
Block a user