allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

ovpn_copy_server_files: Ensure that no other keys then the one for the server is present.

Browse Source 
When creating a multi-server setup I used a partly copied, partly
symlinked directory structure for the different servers after creating a
certificate for each server with `easyrsa build-server-full`. In that
process I also copied the `server` directory.
The rsync command does not delete files which are not excluded so it
included the correct server key and the original one which can be a
security risk.
This commit is contained in:
Robin Schneider 2015-08-26 13:00:17 +02:00
parent 15ac3c89b0
commit 050d4a1f82
No known key found for this signature in database
GPG Key ID: 489A4D5EC353C98A
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
bin/ovpn_copy_server_files
View File

@ -17,6 +17,9 @@ else
TARGET="$OPENVPN/server"
fi
## Ensure that no other keys then the one for the server is present.
rm --recursive --force "$TARGET/pki/private" "$TARGET/pki/issued"
echo "
pki/private/${OVPN_CN}.key
pki/issued/${OVPN_CN}.crt