Revert "Add new keystore certificate" #1426

Merged
merged 2 commits into from
Jul 11, 2024
Expand Up @@ -122,20 +122,6 @@ create_ossec_key_cert() {
exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/"
}

#########################
#GenerateKeystoreCert()
#########################
GenerateKeystoreCert()
{
# Regenerate keys if they are not valid.
keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert
echo "Generating RSA keys for Keystore."
${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/"
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key}
chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert}
}

##############################################################################
# Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect
# destination files permissions
Expand Down Expand Up @@ -213,7 +199,7 @@ main() {

# Restore files stored in permanent data that are not permanent (i.e. internal_options.conf)
apply_exclusion_data

# Apply correct permission and ownership
set_correct_permOwner

Expand All @@ -232,23 +218,6 @@ main() {
fi
fi

keystore_key=/etc/keystore.key
keystore_cert=/etc/keystore.cert

# If we come from 4.8.0, no certificates will be found.
# Since the Keystore tool previously used sslmanager keys for encryption,
# We copy them to the new location to be able to recover the information.
if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert}
cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key}
fi

# Test if the certificates are valid. If don't, re-generate them
${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test
if [ $? -eq 1 ]; then
GenerateKeystoreCert
fi

# Mount selected files (WAZUH_CONFIG_MOUNT) to container
mount_files
