Changeset 32478
- Timestamp:
- 2018-09-21T20:17:12+12:00 (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/build.xml
r32477 r32478 1796 1796 <arg value="--unlink" /> 1797 1797 <arg line="${https.testing}" /><!-- minus-minus-live if not testing, empty if testing. https://stackoverflow.com/questions/11840284/pass-arguments-to-apache-ant-exec-task-based-on-the-variables-value --> 1798 <arg value="--export-pfx" /><arg value="${keystore.pass}" /> 1798 <!--<arg value="==export-pfx" /><arg value="${keystore.pass}" /> 1799 <arg value="==tag-pfx" /><arg value="greenstone3-tomcat" />--><!--Convert the certificate (that contains the full chain AND private key) to pfx format hereafter using OpenSSL instead--> 1799 1800 <arg line="${https.cert.renewal}" /><!-- rewew command on windows appends min-min-renew XX, where if the day the renewal is run is XX days within expiry, the certificate will get renewed. --> 1800 1801 </exec> … … 1809 1810 <param name="https.comment.out.end" value="${comment.end}"/> 1810 1811 </antcall> 1812 1813 <!-- Use OpenSSL instead of ZeroSSL to convert the certificate to the .pfx format that tomcat likes, using this cmd: 1814 GS3/bin/windows/openssl/bin/openssl.exe pkcs12 -inkey domain.key -in domain.crt -passin pass:pwd -passout pass:pwd -export -out ${keystore.file} 1815 GS3/bin/windows/openssl/bin/openssl.exe pkcs12 -inkey domain.key -in domain.crt -password pass:pwd -export -out ${keystore.file} 1816 where on windows, keystore.file = fullchain_and_prvtkey.pfx 1817 --> 1818 <exec executable="cmd" osfamily="windows" dir="${basedir}/bin/${os.bin.dir}/openssl/bin" spawn="false"> 1819 <arg value="/c" /> 1820 <arg value="openssl.exe" /> 1821 <arg value="pkcs12" /> 1822 <arg value="-inkey" /><arg value="${packages.home}\tomcat\conf\https_cert\${tomcat.server}.key" /> 1823 <arg value="-in" /><arg value="${packages.home}\tomcat\conf\https_cert\fullchain_and_prvtkey.crt" /> 1824 <arg value="-export" /> 1825 <arg value="-out" /><arg value="${packages.home}\tomcat\conf\https_cert\${keystore.file}" /> 1826 <arg value="-name"/><arg value="greenstone3-tomcat"/><!-- See https://stackoverflow.com/questions/808669/convert-a-cert-pem-certificate-to-a-pfx-certificate --> 1827 <arg value="-password"/><arg value="pass:${keystore.pass}"/> 1828 </exec> 1811 1829 1812 1830 </target> … … 1851 1869 <arg value="-in"/><arg value="/etc/letsencrypt/live/${tomcat.server}/fullchain.pem"/> 1852 1870 <arg value="-inkey"/><arg value="/etc/letsencrypt/live/${tomcat.server}/privkey.pem"/> 1853 <arg value="-name"/><arg value=" tomcat"/>1871 <arg value="-name"/><arg value="greenstone3-tomcat"/> 1854 1872 <arg value="-password"/><arg value="pass:${keystore.pass}"/> 1855 1873 </exec>
Note:
See TracChangeset
for help on using the changeset viewer.