diff options
author | Robin Gloster <mail@glob.in> | 2018-05-24 00:52:05 +0200 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2018-09-12 13:40:46 +0200 |
commit | 515a7aa4523bf8948d48e517c50e7258fee69bf2 (patch) | |
tree | bd109fdc31ec1ba4ebddb42d03056557727e0214 /nixos/modules/security/acme.nix | |
parent | e0c081c6ac817eac903587eca6dadb2dd6a84276 (diff) | |
download | nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar.gz nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar.bz2 nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar.lz nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar.xz nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.tar.zst nixlib-515a7aa4523bf8948d48e517c50e7258fee69bf2.zip |
acme module: fix self-signed cert with openssl 1.1
Diffstat (limited to 'nixos/modules/security/acme.nix')
-rw-r--r-- | nixos/modules/security/acme.nix | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 946da92d80e7..092704c6fc3f 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -302,15 +302,15 @@ in workdir="$(mktemp -d)" # Create CA - openssl genrsa -des3 -passout pass:x -out $workdir/ca.pass.key 2048 - openssl rsa -passin pass:x -in $workdir/ca.pass.key -out $workdir/ca.key + openssl genrsa -des3 -passout pass:xxxx -out $workdir/ca.pass.key 2048 + openssl rsa -passin pass:xxxx -in $workdir/ca.pass.key -out $workdir/ca.key openssl req -new -key $workdir/ca.key -out $workdir/ca.csr \ -subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=Security Department/CN=example.com" openssl x509 -req -days 1 -in $workdir/ca.csr -signkey $workdir/ca.key -out $workdir/ca.crt # Create key - openssl genrsa -des3 -passout pass:x -out $workdir/server.pass.key 2048 - openssl rsa -passin pass:x -in $workdir/server.pass.key -out $workdir/server.key + openssl genrsa -des3 -passout pass:xxxx -out $workdir/server.pass.key 2048 + openssl rsa -passin pass:xxxx -in $workdir/server.pass.key -out $workdir/server.key openssl req -new -key $workdir/server.key -out $workdir/server.csr \ -subj "/C=UK/ST=Warwickshire/L=Leamington/O=OrgName/OU=IT Department/CN=example.com" openssl x509 -req -days 1 -in $workdir/server.csr -CA $workdir/ca.crt \ |