In script 'dh_tlsgen.sh' change default ttl values to 3600.
This commit is contained in:
parent
cdb1fe4ee9
commit
9c62092df2
@ -3579,7 +3579,7 @@ hostname=\${_tmp_arr[0]}
|
|||||||
|
|
||||||
cert=/var/lib/dehydrated/certs/\${hostname}/cert.pem
|
cert=/var/lib/dehydrated/certs/\${hostname}/cert.pem
|
||||||
tlsa_record_311=\$(
|
tlsa_record_311=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 3 1 1 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 3 1 1 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -noout -pubkey |
|
"\$(openssl x509 -in \$cert -noout -pubkey |
|
||||||
@ -3590,7 +3590,7 @@ tlsa_record_311=\$(
|
|||||||
|
|
||||||
cert=/var/lib/dehydrated/certs/\${hostname}/cert.pem
|
cert=/var/lib/dehydrated/certs/\${hostname}/cert.pem
|
||||||
tlsa_record_301=\$(
|
tlsa_record_301=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 3 0 1 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 3 0 1 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -outform DER |
|
"\$(openssl x509 -in \$cert -outform DER |
|
||||||
@ -3601,7 +3601,7 @@ tlsa_record_301=\$(
|
|||||||
|
|
||||||
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
||||||
tlsa_record_211_chain=\$(
|
tlsa_record_211_chain=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 2 1 1 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 2 1 1 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -noout -pubkey |
|
"\$(openssl x509 -in \$cert -noout -pubkey |
|
||||||
@ -3612,7 +3612,7 @@ tlsa_record_211_chain=\$(
|
|||||||
|
|
||||||
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
||||||
tlsa_record_201_chain=\$(
|
tlsa_record_201_chain=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 2 0 1 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 2 0 1 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -outform DER |
|
"\$(openssl x509 -in \$cert -outform DER |
|
||||||
@ -3622,7 +3622,7 @@ tlsa_record_201_chain=\$(
|
|||||||
|
|
||||||
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
|
||||||
tlsa_record_202_chain=\$(
|
tlsa_record_202_chain=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 2 0 2 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 2 0 2 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -outform DER |
|
"\$(openssl x509 -in \$cert -outform DER |
|
||||||
@ -3634,7 +3634,7 @@ tlsa_record_211_root=""
|
|||||||
cert=/var/lib/dehydrated/certs/\${hostname}/root.ca
|
cert=/var/lib/dehydrated/certs/\${hostname}/root.ca
|
||||||
if [[ -f "\$cert" ]]; then
|
if [[ -f "\$cert" ]]; then
|
||||||
tlsa_record_211_root=\$(
|
tlsa_record_211_root=\$(
|
||||||
printf '_%s._tcp.%s. 360 IN TLSA 2 1 1 %s\n' \\
|
printf '_%s._tcp.%s. 3600 IN TLSA 2 1 1 %s\n' \\
|
||||||
\$port \\
|
\$port \\
|
||||||
\$hostname \\
|
\$hostname \\
|
||||||
"\$(openssl x509 -in \$cert -noout -pubkey |
|
"\$(openssl x509 -in \$cert -noout -pubkey |
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user