CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-18 15:02:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1806 from Security-Onion-Solutions/issue/1782

Browse Source 
Issue/1782
This commit is contained in:
Josh Patterson
2020-11-03 11:23:22 -05:00
committed by GitHub
parent e040009d0b 562a016579
commit 1f8b139462
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
setup/so-functions
View File

@@ -430,8 +430,6 @@ configure_minion() {
{ {
systemctl restart salt-minion; systemctl restart salt-minion;
printf '%s\n' '----';
cat "$minion_config";
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1
} }
@@ -1635,12 +1633,17 @@ salt_checkin() {
done done
echo " Confirming existence of the CA certificate" echo " Confirming existence of the CA certificate"
cat /etc/pki/ca.crt openssl x509 -in /etc/pki/ca.crt -noout -subject -issuer -dates
echo " Applyng a mine hack"; echo " Applyng a mine hack";
salt "$MINION_ID" mine.send x509.get_pem_entries glob_path=/etc/pki/ca.crt; salt "$MINION_ID" mine.send x509.get_pem_entries glob_path=/etc/pki/ca.crt;
salt "$MINION_ID" mine.update; salt "$MINION_ID" mine.update;
echo " Confirming salt mine now contain the certificate"; echo "Confirming salt mine now contains the certificate";
salt "$MINION_ID" mine.get '*' x509.get_pem_entries; salt "$MINION_ID" mine.get '*' x509.get_pem_entries | grep -E 'BEGIN CERTIFICATE|END CERTIFICATE';
if [ $? -eq 0 ]; then
echo "CA in mine"
else
echo "CA not in mine"
fi
echo " Applying SSL state"; echo " Applying SSL state";
salt-call state.apply ssl; salt-call state.apply ssl;
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1