CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-21 08:23:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

the great ssl refactor

Browse Source
This commit is contained in:
Josh Patterson
2025-12-11 17:30:06 -05:00
parent 545060103a
commit b9ff1704b0
58 changed files with 1236 additions and 1159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
setup/so-setup
View File

@@ -773,12 +773,9 @@ if ! [[ -f $install_opt_file ]]; then
# wait here until we get a response from the salt-master since it may have just restarted
# exit setup after 5-6 minutes of trying
check_salt_master_status || fail "Can't access salt master or it is not ready"
# apply the ca state to create the ca and put it in the mine early in the install
# apply the ca state to create the ca and symlink to local/salt/ca/files/ca.crt
# the minion ip will already be in the mine from configure_minion function in so-functions
generate_ca
# this will also call the ssl state since docker requires the intca
# the salt-minion service will need to be up on the manager to sign requests
generate_ssl
logCmd "salt-call state.apply docker"
firewall_generate_templates
set_initial_firewall_policy