CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6710 from Security-Onion-Solutions/fix/ub1804ssl

Browse Source 
add mine function to signing_policies.conf
This commit is contained in:
Josh Patterson
2021-12-28 15:23:36 -05:00
committed by GitHub
parent 7029c3a94a 2a5b4ef276
commit 7655920068
2 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/ca/files/signing_policies.conf
View File

@@ -1,3 +1,6 @@
mine_functions:
x509.get_pem_entries: [/etc/pki/ca.crt]
x509_signing_policies: x509_signing_policies:
filebeat: filebeat:
- minions: '*' - minions: '*'

8
setup/so-functions
View File

@@ -1438,14 +1438,6 @@ generate_ca() {
echo " Confirming existence of the CA certificate" echo " Confirming existence of the CA certificate"
openssl x509 -in /etc/pki/ca.crt -noout -subject -issuer -dates openssl x509 -in /etc/pki/ca.crt -noout -subject -issuer -dates
echo "Confirming salt mine now contains the certificate";
salt-call mine.get "$MINION_ID" x509.get_pem_entries | grep -E 'BEGIN CERTIFICATE|END CERTIFICATE';
if [ $? -eq 0 ]; then
echo "CA in mine"
else
echo "CA not in mine"
fi
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1
} }