Merge pull request #78 from jordiprats/master

sha256 for selfsigned
NTTCom-MS · Dec 17, 2019 · 91846c3 · 91846c3
2 parents 8eeb83b + d80c4e0
commit 91846c3
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## 0.2.42
+
+* setting sha256 as default digest for self signed certificates
+
 ## 0.2.41
 
 * added postfix settings:

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -41,6 +41,7 @@
                 $relayhost_mx_lookup                 = false,
                 $generatecert                        = false,
                 $subjectselfsigned                   = undef,
+                $selfsigned_digest                   = 'sha256',
                 $tlscert                             = undef,
                 $tlspk                               = undef,
                 $install_mailclient                  = true,
@@ -140,7 +141,7 @@
         }
 
         exec { 'openssl cert':
-          command => "openssl req -new -key /etc/pki/tls/private/postfix-key.key -subj '${subjectselfsigned}' | openssl x509 -req -days 10000 -signkey /etc/pki/tls/private/postfix-key.key -out /etc/pki/tls/certs/postfix.pem",
+          command => "openssl req -new -${selfsigned_digest} -key /etc/pki/tls/private/postfix-key.key -subj '${subjectselfsigned}' | openssl x509 -req -days 10000 -signkey /etc/pki/tls/private/postfix-key.key -out /etc/pki/tls/certs/postfix.pem",
           unless  => "openssl x509 -in /etc/pki/tls/certs/postfix.pem -noout -subject | grep '${subjectselfsigned}'",
           notify  => Class['postfix::service'],
           require => Exec['openssl pk'],

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "eyp-postfix",
-  "version": "0.2.41",
+  "version": "0.2.42",
   "author": "eyp",
   "summary": "postfix management - relay or multidomain mailserver",
   "license": "Apache-2.0",