diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2017-09-21 14:55:16 -0400 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2017-09-21 14:55:16 -0400 |
| commit | d614e8aa11f9520416f7ef10f93a29670efe1505 (patch) | |
| tree | 27cc9b57cbc69ad1488e26e7677e747a58f7c26b | |
| parent | 10a87792e56496e94cd11bcb4d44ee9561f07552 (diff) | |
| download | httpd-d614e8aa11f9520416f7ef10f93a29670efe1505.tar.gz httpd-d614e8aa11f9520416f7ef10f93a29670efe1505.tar.xz httpd-d614e8aa11f9520416f7ef10f93a29670efe1505.zip | |
Require sscg 2.2.0 for creating service and CA certificates together
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
| -rwxr-xr-x | httpd-ssl-gencerts | 7 | ||||
| -rw-r--r-- | httpd.spec | 7 |
2 files changed, 7 insertions, 7 deletions
diff --git a/httpd-ssl-gencerts b/httpd-ssl-gencerts index 67b6d9a..371a838 100755 --- a/httpd-ssl-gencerts +++ b/httpd-ssl-gencerts @@ -5,18 +5,15 @@ set -e FQDN=`hostname` if test -f /etc/pki/tls/certs/localhost.crt -o \ - -f /etc/pki/tls/private/localhost.key -o \ - -f /etc/pki/tls/certs/localhost-ca.crt; then + -f /etc/pki/tls/private/localhost.key; then exit 1 fi sscg -q \ --cert-file /etc/pki/tls/certs/localhost.crt \ --cert-key-file /etc/pki/tls/private/localhost.key \ - --ca-file /etc/pki/tls/certs/localhost-ca.crt \ + --ca-file /etc/pki/tls/certs/localhost.crt \ --lifetime 365 \ --hostname $FQDN \ --email root@$FQDN -# mod_ssl will send the CA cert if it's appended to the server cert. -cat /etc/pki/tls/certs/localhost-ca.crt >> /etc/pki/tls/certs/localhost.crt @@ -13,7 +13,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.4.27 -Release: 10%{?dist} +Release: 11%{?dist} URL: https://httpd.apache.org/ Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -158,7 +158,7 @@ BuildRequires: openssl-devel Requires(post): openssl, /bin/cat, hostname Requires(pre): httpd-filesystem Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa} -Requires: sscg >= 2.1.0 +Requires: sscg >= 2.2.0 Obsoletes: stronghold-mod_ssl # Require an OpenSSL which supports PROFILE=SYSTEM Conflicts: openssl-libs < 1:1.0.1h-4 @@ -689,6 +689,9 @@ rm -rf $RPM_BUILD_ROOT %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Thu Sep 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.4.27-11 +- Require sscg 2.2.0 for creating service and CA certificates together + * Thu Sep 21 2017 Jeroen van Meeuwen <kanarip@fedoraproject.org> - 2.4.27-10 - Address CVE-2017-9798 by applying patch from upstream (#1490344) |