github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-19 21:04:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

SSL CA validation improvements

Browse source
This commit is contained in:
Serghey Rodin 2014-07-22 00:17:41 +03:00
commit 26f0c65953
1 changed files with 3 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

12
func/domain.sh
View file

@ -327,15 +327,9 @@ is_web_domain_cert_valid() {
fi fi
if [ -e "$ssl_dir/$domain.ca" ]; then if [ -e "$ssl_dir/$domain.ca" ]; then
ca_vrf=$(openssl verify $ssl_dir/$domain.ca 2>/dev/null |grep 'OK') crt_vrf=$(openssl verify -purpose sslserver \
if [ -z "$ca_vrf" ]; then -CAfile $ssl_dir/$domain.ca $ssl_dir/$domain.crt 2>/dev/null |\
echo "Error: ssl certificate authority is not valid" grep 'OK')
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
crt_vrf=$(openssl verify -untrusted $ssl_dir/$domain.ca \
$ssl_dir/$domain.crt 2>/dev/null |grep 'OK')
if [ -z "$crt_vrf" ]; then if [ -z "$crt_vrf" ]; then
echo "Error: root or/and intermediate cerificate not found" echo "Error: root or/and intermediate cerificate not found"
log_event "$E_NOTEXIST" "$EVENT" log_event "$E_NOTEXIST" "$EVENT"