@@ -7,9 +7,9 @@ SEPIA_FOLDER="$(dirname "$SCRIPT_PATH")"
77cd " $SEPIA_FOLDER "
88#
99# get IP
10+ ip_adr=" "
1011net_interface=" "
1112get_ip () {
12- local ip_adr=" "
1313 if [ -x " $( command -v route) " ; then
1414 net_interface=" $( route | grep ' ^default' | grep -o ' [^ ]*$' ) "
1515 fi
@@ -24,7 +24,6 @@ get_ip() {
2424 if [ -z " $ip_adr " ; then
2525 ip_adr=" [IP]"
2626 fi
27- echo " $ip_adr "
2827}
2928#
3029echo " "
@@ -35,13 +34,15 @@ echo "https://github.com/SEPIA-Framework/sepia-docs/wiki/SSL-for-your-Server"
3534echo " If you are not sure what option to choose install NGINX (1) and try the self-signed SSL certificate (4)."
3635# stat menu loop
3736while true ; do
37+ ip_adr=" "
38+ net_interface=" "
3839 echo " "
3940 echo " What would you like to do? (recommended: 1 and 4)"
4041 echo " 1: Install NGINX"
4142 echo " 2: Set up NGINX without SSL certificate (very easy setup, recommended for testing)"
4243 echo " 3: Set up NGINX with Let's Encrypt SSL certificate (advanced setup for public servers, run AFTER dynamic DNS setup)"
4344 echo " 4: Set up NGINX with self-signed SSL certificate and non-SSL fallback (easy setup, works on most clients, may show warning messages)"
44- echo " 5: Clean up and remove ALL old SEPIA configs from NGINX (use this before switching from HTTP to HTTPS or vice versa)"
45+ echo " 5: Clean up and remove ALL old SEPIA server configs from NGINX (use this before switching from HTTP to HTTPS or vice versa)"
4546 echo " "
4647 read -p ' Enter a number plz (0 to exit): '
4748 echo " "
@@ -70,7 +71,7 @@ while true; do
7071 sudo nginx -s reload
7172
7273 echo " "
73- ip_adr= " $ get_ip"
74+ get_ip
7475 echo " ------------------------"
7576 echo " DONE."
7677 echo " You should be able to reach the server at: http://$ip_adr :20726 or http://$( hostname -s) "
@@ -131,7 +132,7 @@ while true; do
131132 echo " Please confirm your [detected] hostname and IP address by pressing RETURN or enter new ones."
132133 read -p " Hostname [$( hostname -s) "
133134 my_hostname=${my_hostname:- $(hostname -s).local}
134- ip_adr= " $ get_ip"
135+ get_ip
135136 read -p " IP address (interf.: $net_interface ) [$ip_adr ]: "
136137 my_ip_adr=${my_ip_adr:- $ip_adr }
137138 echo " "
@@ -143,10 +144,10 @@ while true; do
143144 mkdir -p self-signed-ssl
144145 openssl req -nodes -new -x509 -days 3650 -newkey rsa:2048 -keyout self-signed-ssl/key.pem -out self-signed-ssl/certificate.pem \
145146 -subj " /CN=$my_hostname "
146- -addext " subjectAltName=DNS:$my_hostname ,DNS:$my_ip_adr ,DNS:localhost" \
147- -addext " basicConstraints=CA:TRUE"
148- -addext " keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment"
149- -addext " extendedKeyUsage=serverAuth"
147+ -addext " subjectAltName=DNS:$my_hostname ,DNS:$my_ip_adr ,DNS:localhost"
148+ # -addext "basicConstraints=CA:TRUE" \
149+ # -addext "keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment" \
150+ # -addext "extendedKeyUsage=serverAuth"
150151 # subj options: "/C=DE/ST=NRW/L=Essen/O=SEPIA OA Framework/OU=DEV/CN=yourdomain.com"
151152 openssl x509 -text -in self-signed-ssl/certificate.pem -noout | grep " Subject:"
152153 openssl x509 -text -in self-signed-ssl/certificate.pem -noout | grep " DNS:"
0 commit comments