mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
only generate p8 files if the key used for genetation changes
This commit is contained in:
m0duspwnens
@@ -107,6 +107,8 @@ influxkeyperms:
|
||||
- 'enddate=$(date -d "$(openssl x509 -in /etc/pki/filebeat.crt -enddate -noout | cut -d= -f2)" +%s) ; now=$(date +%s) ; expire_date=$(( now + 432000)); [ $enddate -gt $expire_date ]'
|
||||
cmd.run:
|
||||
- name: "/usr/bin/openssl pkcs8 -in /etc/pki/filebeat.key -topk8 -out /etc/pki/filebeat.p8 -nocrypt"
|
||||
- onchanges:
|
||||
- x509: /etc/pki/filebeat.key
|
||||
|
||||
|
||||
fbperms:
|
||||
@@ -289,6 +291,8 @@ fbcertdir:
|
||||
filebeatpkcs:
|
||||
cmd.run:
|
||||
- name: "/usr/bin/openssl pkcs8 -in /opt/so/conf/filebeat/etc/pki/filebeat.key -topk8 -out /opt/so/conf/filebeat/etc/pki/filebeat.p8 -passout pass:"
|
||||
- onchanges:
|
||||
- x509: /opt/so/conf/filebeat/etc/pki/filebeat.key
|
||||
|
||||
filebeatkeyperms:
|
||||
file.managed:
|
||||
|
||||
Reference in New Issue
Block a user