Skip to content

Commit 9f1c451

Browse files
openomsopenoms
committed
fix: correct path of ssl cert for joinmarket-api
1 parent 1703814 commit 9f1c451

2 files changed

Lines changed: 16 additions & 43 deletions

File tree

scripts/install.joinmarket-api.sh

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,9 @@ fi
1414
source $HOME_DIR/joinin.conf
1515

1616
function joinmarketApiServiceOn() {
17+
18+
$HOME_DIR/install.selfsignedcert.sh
19+
1720
if ! systemctl is-active --quiet joinmarket-api; then
1821
echo "# Install joinmarket-api.service"
1922
echo "# joinmarket-api.service
@@ -46,7 +49,6 @@ WantedBy=multi-user.target
4649
fi
4750
}
4851

49-
5052
if [ "$1" = on ]; then
5153

5254
joinmarketApiServiceOn
@@ -55,17 +57,13 @@ elif [ "$1" = connect ]; then
5557

5658
joinmarketApiServiceOn
5759

58-
# https://github.com/openoms/joininbox/issues/78
59-
# A self signed cert.pem file in base64 text
60-
$HOME_DIR/install.selfsignedcert.sh
61-
6260
# add hidden service
6361
$HOME_DIR/install.hiddenservice.sh joinmarket-api 28183 28183
6462

6563
# A QR code which displays the textual representation of a url in the following format:"
6664
#http://<hostname>.onion:28183?cert=<base64cert>
6765
torAddress=$(sudo cat /mnt/hdd/tor/joinmarket-api/hostname)
68-
base64cert=$(base64 -w 0 ${HOME_DIR}/selfsignedcert/cert.pem)
66+
base64cert=$(base64 -w 0 ${HOME_DIR}/.joinmarket/ssl/cert.pem)
6967
url="http://${torAddress}:28183?cert=${base64cert}"
7068

7169
if [ "$runningEnv" = raspiblitz ];then

scripts/install.selfsignedcert.sh

Lines changed: 12 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -1,47 +1,22 @@
11
#!/bin/bash
2-
32
# script to create a self-signed SSL certificate
43

54
USERNAME=joinmarket
65
HOME_DIR=/home/$USERNAME
76

8-
if [ ! -f ${HOME_DIR}/selfsignedcert/cert.pem ] || [ ! -f ${HOME_DIR}/selfsignedcert/key.pem ];then
7+
if [ ! -f ${HOME_DIR}/.joinmarket/ssl/cert.pem ] || [ ! -f ${HOME_DIR}/.joinmarket/ssl/key.pem ];then
98
sudo apt-get install openssl
109

11-
sudo -u ${USERNAME} mkdir ${HOME_DIR}/selfsignedcert
12-
cd ${HOME_DIR}/selfsignedcert || exit 1
13-
14-
echo "# Create a self signed SSL certificate"
15-
localip=$(hostname -I | awk '{print $1}')
16-
17-
sudo -u ${USERNAME} openssl genrsa -out key.pem 2048
18-
19-
echo "
20-
[req]
21-
prompt = no
22-
default_bits = 2048
23-
default_keyfile = key.pem
24-
distinguished_name = req_distinguished_name
25-
req_extensions = req_ext
26-
x509_extensions = v3_ca
27-
28-
[req_distinguished_name]
29-
C = GB
30-
ST = London
31-
L = JoinMarket
32-
O = Joininbox
33-
CN = Joininbox
34-
[req_ext]
35-
subjectAltName = @alt_names
36-
[v3_ca]
37-
subjectAltName = @alt_names
38-
[alt_names]
39-
DNS.1 = localhost
40-
DNS.2 = 127.0.0.1
41-
DNS.3 = $localip
42-
" | sudo -u ${USERNAME} tee localhost.conf
10+
if [ -d $HOME_DIR/.joinmarket/ssl ]; then
11+
sudo -u $USERNAME rm -rf $HOME_DIR/.joinmarket/ssl
12+
fi
4313

44-
sudo -u ${USERNAME} openssl req -new -x509 -sha256 -key key.pem \
45-
-out cert.pem -days 3650 -config localhost.conf
14+
subj="/C=US/ST=Utah/L=Lehi/O=Your Company, Inc./OU=IT/CN=example.com"
15+
sudo -u $USERNAME mkdir -p $HOME_DIR/.joinmarket/ssl/ \
16+
&& pushd "$_" \
17+
&& sudo -u $USERNAME openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out cert.pem -keyout key.pem -subj "$subj" \
18+
&& popd || exit 1
4619

47-
fi
20+
else
21+
echo "${HOME_DIR}/.joinmarket/ssl/cert.pem and key.pem is already present"
22+
fi

0 commit comments

Comments
 (0)