From d80c4e07e68ffc4979686063806b49853e4e424c Mon Sep 17 00:00:00 2001 From: Jordi Prats Date: Tue, 17 Dec 2019 14:28:07 +0100 Subject: [PATCH] sha256 for selfsigned --- CHANGELOG.md | 4 ++++ manifests/init.pp | 3 ++- metadata.json | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 680ce59..744c7f7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CHANGELOG +## 0.2.42 + +* setting sha256 as default digest for self signed certificates + ## 0.2.41 * added postfix settings: diff --git a/manifests/init.pp b/manifests/init.pp index 5aa2713..6bb864f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -41,6 +41,7 @@ $relayhost_mx_lookup = false, $generatecert = false, $subjectselfsigned = undef, + $selfsigned_digest = 'sha256', $tlscert = undef, $tlspk = undef, $install_mailclient = true, @@ -140,7 +141,7 @@ } exec { 'openssl cert': - command => "openssl req -new -key /etc/pki/tls/private/postfix-key.key -subj '${subjectselfsigned}' | openssl x509 -req -days 10000 -signkey /etc/pki/tls/private/postfix-key.key -out /etc/pki/tls/certs/postfix.pem", + command => "openssl req -new -${selfsigned_digest} -key /etc/pki/tls/private/postfix-key.key -subj '${subjectselfsigned}' | openssl x509 -req -days 10000 -signkey /etc/pki/tls/private/postfix-key.key -out /etc/pki/tls/certs/postfix.pem", unless => "openssl x509 -in /etc/pki/tls/certs/postfix.pem -noout -subject | grep '${subjectselfsigned}'", notify => Class['postfix::service'], require => Exec['openssl pk'], diff --git a/metadata.json b/metadata.json index 76ee26b..ebf7146 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "eyp-postfix", - "version": "0.2.41", + "version": "0.2.42", "author": "eyp", "summary": "postfix management - relay or multidomain mailserver", "license": "Apache-2.0",