From 1c5b93f5327db9617b76881dd4a86eea715a0d08 Mon Sep 17 00:00:00 2001 From: "ljf (zamentur)" Date: Wed, 24 Oct 2018 21:15:25 +0200 Subject: [PATCH] [fix] Set random serial number for CA (#557) [fix] Use random serial number for CA --- data/templates/ssl/openssl.cnf | 2 +- src/yunohost/tools.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/data/templates/ssl/openssl.cnf b/data/templates/ssl/openssl.cnf index fa5d19fa3..ac8c422e3 100644 --- a/data/templates/ssl/openssl.cnf +++ b/data/templates/ssl/openssl.cnf @@ -43,7 +43,7 @@ unique_subject = no # Set to 'no' to allow creation of new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/ca/cacert.pem # The CA certificate -serial = $dir/serial # The current serial number +#serial = $dir/serial # The current serial number #crlnumber = $dir/crlnumber # the current crl number # must be commented out to leave a V1 CRL crl = $dir/crl.pem # The current CRL diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index f9ee14994..ccf489a92 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -358,7 +358,6 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False): service_regen_conf(['ssl'], force=True) ssl_dir = '/usr/share/yunohost/yunohost-config/ssl/yunoCA' commands = [ - 'echo "01" > %s/serial' % ssl_dir, 'rm %s/index.txt' % ssl_dir, 'touch %s/index.txt' % ssl_dir, 'cp %s/openssl.cnf %s/openssl.ca.cnf' % (ssl_dir, ssl_dir),