mirror of https://github.com/Icinga/icinga2.git
Combine private and public keys into one file.
This commit is contained in:
Gunnar Beutner
parent
0f5ea5b53b
commit
a9d865c94f
|
|
@ -1,17 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICtzCCAiCgAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ
|
||||
MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO
|
||||
RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw
|
||||
NDI0MTE0NzQ2WhcNMTMwNDI0MTE0NzQ2WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE
|
||||
CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT
|
||||
IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
||||
gYkCgYEAysHrzHs9WfQR4cEUx2hFZQmbM+Ssi5L63yqnzxEvVQ3GlM+uIceK1Kvx
|
||||
9EexoUDLhxJOaUmigc6Pcs2mAjcpEwObnzW4pLuMKa7ngGLrnUpmmDXdGoxkCbi7
|
||||
CP3s5yC7ZZ6bDiPMhRi/TRvY6+uQf+yew5daA3p87jocgRjhRicCAwEAAaN7MHkw
|
||||
CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
|
||||
dGlmaWNhdGUwHQYDVR0OBBYEFPzsYbQZdbq+pcFJWoenWREW6WhMMB8GA1UdIwQY
|
||||
MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAMLP1GJf
|
||||
0hFdrEpGq+NvxTVx7wD30enAot5x2HLx4HuFohQJz/VZ45v+srrA+HEXbBFXPOd4
|
||||
nB2XtcDDidFKTt5E03HBwDGGZvnB3f1KXYi7B50imKrwVVzgp5nGBM4hSzWGovEX
|
||||
EYofmhk0fQg9qiKQrjwNib/4/b0srwEswfdj
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMrB68x7PVn0EeHB
|
||||
FMdoRWUJmzPkrIuS+t8qp88RL1UNxpTPriHHitSr8fRHsaFAy4cSTmlJooHOj3LN
|
||||
pgI3KRMDm581uKS7jCmu54Bi651KZpg13RqMZAm4uwj97Ocgu2Wemw4jzIUYv00b
|
||||
2OvrkH/snsOXWgN6fO46HIEY4UYnAgMBAAECgYBj/1QOG1HcxXT0REe9OP3QoPY8
|
||||
l7FJfQnheqYch7syVYL07aBR5Jnh3ZONCLbgcpZuXWbyonBVWMyCsE4Jla7ZYnBB
|
||||
plZPMYmzGxEbTM5Bu+PZ0M1NLvdLCRq24IVwTZwBBZ3sr7rVSnAYi2Li0SWQEaCN
|
||||
P+PbZP1P9i9WiI+VIQJBAPYBfVWNk3gY1V0YuuH9fmYRBg5/B1qy8bYS9FLVIq2z
|
||||
5r7eI1EypcVtyTx6yMmLuWj4mpNOKv5sxQsHalzRo18CQQDS/qPoDqMkDB9r9XeZ
|
||||
qS2XQdX6YxzGisqL8vWcZ/Y6YX81qm3Lpp2wEexUXvWXRI5RdguctZFKTVyG/Mic
|
||||
C9o5AkAEtvKX+SaiXpd4OUkbm6gYfKsJDBYv/s3zF1nnXH5VpeT+M3Op0raqmfgJ
|
||||
WLEQa8UZ5enQeOcKCTudgn7fWIUxAkEAmXWfXP6YZXVzvR+xt08225aEvTItEbKM
|
||||
krFJNlLe4aNb1Hp6lO5ALnk6vDq8wSKZqGIFHBtq6vHNZFiix+xO8QJAIZ3pB/Bz
|
||||
Il8NjZMg8t/1sJdn32Xe9D0lZRtZTKC8zF/78NDFEo9qqE4Sr1CUfqlx18HXOxCO
|
||||
Vg4lv6+jUj+LmA==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICtzCCAiCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ
|
||||
MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO
|
||||
RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw
|
||||
NDI0MTE0NzU1WhcNMTMwNDI0MTE0NzU1WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE
|
||||
CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT
|
||||
IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
||||
gYkCgYEArOcVui1AWojbPuK/7We9uwIBLaOLfBxQRI3+k6PzzjdtaXT4ijT/DSav
|
||||
Q5U4wGOLYh0yuSyqS88QX/DsqDGLXnSVs8mT37bioMOw2XinqaNQ6xK4vyi0FYxS
|
||||
ewI6YOkYi7135NEaSUgd82hk4wFtiIb67T7hkHRc7Aui6FmT/SkCAwEAAaN7MHkw
|
||||
CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy
|
||||
dGlmaWNhdGUwHQYDVR0OBBYEFGvpolD5na6L70kNFO1tYGYIwDhqMB8GA1UdIwQY
|
||||
MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAIhhjKWw
|
||||
5JKirNidgG9PuD8x47VsRTkESLlq/pS7KjkE1nWCG9JpR5oVSzx2WXomiaAZ4q2C
|
||||
WS1z4HD9HF4NbhY+xVBi0Fj/kotuXCCweRo5EVp7Q4fabm1maJemFwMTHGhBLu7a
|
||||
v4dquYyOk9Dhkwcjajyn+KWceCoUTdI3LB2t
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKznFbotQFqI2z7i
|
||||
v+1nvbsCAS2ji3wcUESN/pOj8843bWl0+Io0/w0mr0OVOMBji2IdMrksqkvPEF/w
|
||||
7Kgxi150lbPJk9+24qDDsNl4p6mjUOsSuL8otBWMUnsCOmDpGIu9d+TRGklIHfNo
|
||||
ZOMBbYiG+u0+4ZB0XOwLouhZk/0pAgMBAAECgYEAkbEavslYm7EMRX4dyXcMCaNT
|
||||
yNgxNcBJ5qpbpJ6XVuGfoSf+Mb8cV0GMl38K1hpLHb6Kujwntz9ghedmEwfEbcw0
|
||||
TkSaNz1+7omM+485S2YvXJyR1kO8eEKONVlGuxgO/ItiR+e1J6wMnY5JhctgRH6W
|
||||
aOqy+5Ua1ATIdiOYrI0CQQDku3CNDOipwDmguBIrlxa+6NsATJRjqFmHqWdu2pYh
|
||||
KRl3Sypn+LfhdFRbo3licU5a1OqydGmVpRTpQPJO7MoHAkEAwYPQIGZd/60O2LWV
|
||||
M5eLnwKrrQSfrQ/Lngz0Qko4Yo913Ef2PC2QQ6p9cOt3vMPZDK5znlzQbBCa6cAH
|
||||
tBvzTwJAT+uaaP5wsRdkS17lomt5XB1aoCEh3Cxvk/JCHL6tpEqLBl6yI4AJJ/KQ
|
||||
ozBccmQqv5wToWUBm3MB+nph7+fWswJAMKcQQ6UZCvganHeCzJbUXqUQPo7ECoHH
|
||||
IrSFEMmSRY1mB3z8NoMKG0kZArPgxc/DmUGfBfi12gWOvSgvh6PjVwJBALKECoe5
|
||||
nmxhHTFbs4+UCFTzp6BGtSBdr6to0ID7ykZWT6kBX/BHUnoJUEpDtNLXzbek/KeI
|
||||
ymg0LgRkHoWNpLY=
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICNTCCAZ4CAQQwDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCREUxEDAOBgNV
|
||||
BAgMB0JhdmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZ
|
||||
UyBHbWJIMRwwGgYDVQQDDBNJY2luZ2EgU25ha2UgT2lsIENBMB4XDTEyMDUwODA3
|
||||
MzkxOVoXDTIyMDUwNjA3MzkxOVowXjELMAkGA1UEBhMCREUxEDAOBgNVBAgMB0Jh
|
||||
dmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZUyBHbWJI
|
||||
MRIwEAYDVQQDDAlpY2luZ2EtYzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
|
||||
AKFf+UkCgbNtEP0OoeF+K02L5SRlqkkkp6eaieh0IN7NNAxeELcGpZmycv4sHp30
|
||||
qv0zDtKU1HYrpm8TEBsz2AoT+J36QT9IysfcWdM9o3WZGMDUVqYBUscurkxBQJCK
|
||||
cFwXijTJ8Djn82xVgNUm/E44AdbrIwUlx23yllErx8hfAgMBAAEwDQYJKoZIhvcN
|
||||
AQEFBQADgYEAsZOKZQ2+ksPiNTCJrY+uiUZs6lFSbcJ9BHHaAt0ytQPiblufz3xl
|
||||
AR5Hza5fHt+lN9aGxM7TWMhjZHhmoctSRz8AW1KZTdbxJhRdbqmBjl95c2wBiDxs
|
||||
ERpyU9m9Rp42IjTyU4Vr/yO7DgMcG2k4KYzNquA5O8rqqtPRAp3H6n0=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXAIBAAKBgQChX/lJAoGzbRD9DqHhfitNi+UkZapJJKenmonodCDezTQMXhC3
|
||||
BqWZsnL+LB6d9Kr9Mw7SlNR2K6ZvExAbM9gKE/id+kE/SMrH3FnTPaN1mRjA1Fam
|
||||
AVLHLq5MQUCQinBcF4o0yfA45/NsVYDVJvxOOAHW6yMFJcdt8pZRK8fIXwIDAQAB
|
||||
AoGASJwWXnNySHlam4Jp9DwA3/OCNs5HwIFtrkwqoR0fbSCHusjYXIHxISbZ9uOD
|
||||
Iy9jgGno0XeF4WXijTfWl2bMXYWTS7ISMBg96bPZtG/RTdgd1LT69s82a+apbgSd
|
||||
bxB64cyn8KtuABfZ9AMR+TV28TDmnGMdhVoaM66iWKv4a4ECQQDNmk3NTZ+s/y5F
|
||||
5qOgJqH5yX1hZLLmm8e8lpghqDT43HR3cMJLN6b5oS1UdMcEw1Q6q3hjFl+MbnZa
|
||||
AzvzpT9DAkEAyO5YdpbRG1OR7sNmidowvr1NkIjV/C4UuSpGrx9XJFAZkLxEEmMu
|
||||
13QssdHjAkX5yFjkoNPC+wA6DeVjtvHatQJBAMG1qavOgKyLV9t/65XOEDm5Pqnu
|
||||
KCfhiZQDBp5fTllRy2FlGYmoi2cSFhVGWOQB7G/CchBZWfiDcnpoJanufOUCQGr7
|
||||
bKKHnoKcNmEYLOpNABMum7PPB5AjwOjt94CagT1WYKZNdzkLEg+pTXrIM8QsGdhw
|
||||
bBqtZW1bK43mivcHQtkCQF+p7LfzmPo9uzRrOfjgTDYLuh3MD8EKNs0M6l15UqbQ
|
||||
nfBBE0oIPH4j+K++7xWUQ7vbiyBc7C7H3NZeE6xqfS0=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
local object application "icinga" {
|
||||
ca = "ca.crt",
|
||||
cert = "icinga-c2.pem"
|
||||
}
|
||||
|
||||
local object component "checker" {
|
||||
}
|
||||
|
||||
local object component "discovery" {
|
||||
broker = 0
|
||||
}
|
||||
|
||||
/* trusted upstream endpoint */
|
||||
local object endpoint "icinga-c1" {
|
||||
node = "192.168.5.46",
|
||||
service = 7777,
|
||||
|
||||
roles = { "all" }
|
||||
}
|
||||
|
||||
local object role "all" {
|
||||
publications = { "*" },
|
||||
subscriptions = { "*" }
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,24 @@
|
|||
local object application "icinga" {
|
||||
cert = "icinga-c3.pem",
|
||||
ca = "ca.crt"
|
||||
}
|
||||
|
||||
local object component "checker" {
|
||||
}
|
||||
|
||||
local object component "discovery" {
|
||||
broker = 0
|
||||
}
|
||||
|
||||
/* trusted upstream endpoint */
|
||||
local object endpoint "icinga-c1" {
|
||||
node = "192.168.5.46",
|
||||
service = 7777,
|
||||
|
||||
roles = { "all" }
|
||||
}
|
||||
|
||||
local object role "all" {
|
||||
publications = { "*" },
|
||||
subscriptions = { "*" }
|
||||
}
|
||||
|
|
@ -1,7 +1,6 @@
|
|||
local object application "icinga" {
|
||||
privkey = "icinga-c1.key",
|
||||
pubkey = "icinga-c1.crt",
|
||||
cakey = "ca.crt",
|
||||
ca = "ca.crt",
|
||||
cert = "icinga-c1.pem",
|
||||
|
||||
node = "10.0.10.14",
|
||||
service = 7777
|
||||
|
|
|
|||
|
|
@ -1,8 +1,7 @@
|
|||
local object application "icinga" {
|
||||
privkey = "icinga-c2.key",
|
||||
pubkey = "icinga-c2.crt",
|
||||
ca = "ca.crt",
|
||||
cert = "icinga-c2.pem",
|
||||
|
||||
cakey = "ca.crt",
|
||||
node = "192.168.2.235",
|
||||
service = 7777
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
local object application "icinga" {
|
||||
privkey = "icinga-c3.key",
|
||||
pubkey = "icinga-c3.crt",
|
||||
cakey = "ca.crt",
|
||||
ca = "ca.crt",
|
||||
cert = "icinga-c3.pem",
|
||||
|
||||
node = "10.0.10.14",
|
||||
service = 9999
|
||||
|
|
|
|||
|
|
@ -75,20 +75,19 @@ int IcingaApplication::Main(const vector<string>& args)
|
|||
if (!icingaConfig->IsLocal())
|
||||
throw runtime_error("'icinga' application object must be 'local'.");
|
||||
|
||||
icingaConfig->GetProperty("privkey", &m_PrivateKeyFile);
|
||||
icingaConfig->GetProperty("pubkey", &m_PublicKeyFile);
|
||||
icingaConfig->GetProperty("cakey", &m_CAKeyFile);
|
||||
icingaConfig->GetProperty("cert", &m_CertificateFile);
|
||||
icingaConfig->GetProperty("ca", &m_CAFile);
|
||||
icingaConfig->GetProperty("node", &m_Node);
|
||||
icingaConfig->GetProperty("service", &m_Service);
|
||||
|
||||
if (!GetPrivateKeyFile().empty() && !GetPublicKeyFile().empty() && !GetCAKeyFile().empty()) {
|
||||
if (!GetCertificateFile().empty() && !GetCAFile().empty()) {
|
||||
/* set up SSL context */
|
||||
shared_ptr<X509> cert = Utility::GetX509Certificate(GetPublicKeyFile());
|
||||
shared_ptr<X509> cert = Utility::GetX509Certificate(GetCertificateFile());
|
||||
string identity = Utility::GetCertificateCN(cert);
|
||||
Application::Log(LogInformation, "icinga", "My identity: " + identity);
|
||||
m_EndpointManager->SetIdentity(identity);
|
||||
|
||||
shared_ptr<SSL_CTX> sslContext = Utility::MakeSSLContext(GetPublicKeyFile(), GetPrivateKeyFile(), GetCAKeyFile());
|
||||
shared_ptr<SSL_CTX> sslContext = Utility::MakeSSLContext(GetCertificateFile(), GetCertificateFile(), GetCAFile());
|
||||
m_EndpointManager->SetSSLContext(sslContext);
|
||||
}
|
||||
|
||||
|
|
@ -136,19 +135,14 @@ void IcingaApplication::DeletedComponentHandler(const ConfigObject::Ptr& object)
|
|||
UnregisterComponent(component);
|
||||
}
|
||||
|
||||
string IcingaApplication::GetPrivateKeyFile(void) const
|
||||
string IcingaApplication::GetCertificateFile(void) const
|
||||
{
|
||||
return m_PrivateKeyFile;
|
||||
return m_CertificateFile;
|
||||
}
|
||||
|
||||
string IcingaApplication::GetPublicKeyFile(void) const
|
||||
string IcingaApplication::GetCAFile(void) const
|
||||
{
|
||||
return m_PublicKeyFile;
|
||||
}
|
||||
|
||||
string IcingaApplication::GetCAKeyFile(void) const
|
||||
{
|
||||
return m_CAKeyFile;
|
||||
return m_CAFile;
|
||||
}
|
||||
|
||||
string IcingaApplication::GetNode(void) const
|
||||
|
|
|
|||
|
|
@ -38,18 +38,16 @@ public:
|
|||
|
||||
EndpointManager::Ptr GetEndpointManager(void);
|
||||
|
||||
string GetPrivateKeyFile(void) const;
|
||||
string GetPublicKeyFile(void) const;
|
||||
string GetCAKeyFile(void) const;
|
||||
string GetCertificateFile(void) const;
|
||||
string GetCAFile(void) const;
|
||||
string GetNode(void) const;
|
||||
string GetService(void) const;
|
||||
|
||||
private:
|
||||
EndpointManager::Ptr m_EndpointManager;
|
||||
|
||||
string m_PrivateKeyFile;
|
||||
string m_PublicKeyFile;
|
||||
string m_CAKeyFile;
|
||||
string m_CertificateFile;
|
||||
string m_CAFile;
|
||||
string m_Node;
|
||||
string m_Service;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue