paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-11-03 21:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Add new keystore certificate"

Browse Source
This commit is contained in:
Victor Ereñú
2024-07-11 23:01:18 +10:00
committed by GitHub
parent 2709a8e457
commit b60e875962
3 changed files with 3 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
View File

@@ -122,20 +122,6 @@ create_ossec_key_cert() {
exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/"
}
#########################
#GenerateKeystoreCert()
#########################
GenerateKeystoreCert()
{
# Regenerate keys if they are not valid.
keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert
echo "Generating RSA keys for Keystore."
${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/"
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key}
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert}
}
##############################################################################
# Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect
# destination files permissions
@@ -213,7 +199,7 @@ main() {
# Restore files stored in permanent data that are not permanent (i.e. internal_options.conf)
apply_exclusion_data
# Apply correct permission and ownership
set_correct_permOwner
@@ -232,23 +218,6 @@ main() {
fi
fi
keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert
# If we come from 4.8.0, no certificates will be found.
# Since the Keystore tool previously used sslmanager keys for encryption,
# We copy them to the new location to be able to recover the information.
if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert}
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key}
fi
# Test if the certificates are valid. If don't, re-generate them
${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test
if [ $? -eq 1 ]; then
GenerateKeystoreCert
fi
# Mount selected files (WAZUH_CONFIG_MOUNT) to container
mount_files