paulmataruso/wazuh-docker-orginal
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-10-29 19:13:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Add new keystore certificate"

Browse Source
This commit is contained in:
Victor Ereñú
2024-07-11 23:01:18 +10:00
committed by GitHub
parent 2709a8e457
commit b60e875962
3 changed files with 3 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/.goss.yaml vendored
View File

@@ -56,7 +56,7 @@ package:
wazuh-manager: wazuh-manager:
installed: true installed: true
versions: versions:
- 4.8.1 - 4.8.1-1
port: port:
tcp:1514: tcp:1514:
listening: true listening: true

2
.github/workflows/push.yml vendored
View File

@@ -270,7 +270,7 @@ jobs:
sleep 10 sleep 10
done done
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
if [[ $docs -gt 0 ]]; then if [[ $docs -gt 1 ]]; then
echo "wazuh-alerts index documents: ${docs}" echo "wazuh-alerts index documents: ${docs}"
else else
echo "wazuh-alerts index documents: ${docs}" echo "wazuh-alerts index documents: ${docs}"

33
build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
View File

@@ -122,20 +122,6 @@ create_ossec_key_cert() {
exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/" exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/"
} }
#########################
#GenerateKeystoreCert()
#########################
GenerateKeystoreCert()
{
# Regenerate keys if they are not valid.
keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert
echo "Generating RSA keys for Keystore."
${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/"
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key}
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert}
}
############################################################################## ##############################################################################
# Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect # Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect
# destination files permissions # destination files permissions
@@ -213,7 +199,7 @@ main() {
# Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf)
apply_exclusion_data apply_exclusion_data
# Apply correct permission and ownership # Apply correct permission and ownership
set_correct_permOwner set_correct_permOwner
@@ -232,23 +218,6 @@ main() {
fi fi
fi fi
keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert
# If we come from 4.8.0, no certificates will be found.
# Since the Keystore tool previously used sslmanager keys for encryption,
# We copy them to the new location to be able to recover the information.
if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert}
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key}
fi
# Test if the certificates are valid. If don't, re-generate them
${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test
if [ $? -eq 1 ]; then
GenerateKeystoreCert
fi
# Mount selected files (WAZUH_CONFIG_MOUNT) to container # Mount selected files (WAZUH_CONFIG_MOUNT) to container
mount_files mount_files