 f64dc8e050
			
		
	
	f64dc8e050
	
	
	
		
			
			Fixed the "starting" URL referenced in README - /whoami does not exist any more, so following the instructions gave a "Not Found" error. Re-ordered the README sections to put things needed most often or by more users up front; moved things most people will not need to know towards the end. (Very little content is new/changed; most is just rearranged.) Updated create_key.sh to be more test-friendly, and document how to deploy newly generated keys; added a pointer to it in README.
		
			
				
	
	
		
			26 lines
		
	
	
		
			555 B
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			26 lines
		
	
	
		
			555 B
		
	
	
	
		
			Bash
		
	
	
		
			Executable File
		
	
	
	
	
| #!/bin/bash
 | |
| 
 | |
| cat <<EOF
 | |
| 
 | |
| Generating a new test key and certificate.  To change the defaults offered
 | |
| by openssl, edit your openssl.cnf, such as /etc/ssl/openssl.cnf
 | |
| 
 | |
| EOF
 | |
| 
 | |
| openssl genrsa -out server.key 1024
 | |
| chmod 600 server.key
 | |
| openssl req -new -key server.key -out server.csr
 | |
| openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
 | |
| 
 | |
| cat <<EOH
 | |
| 
 | |
| Now to enable these new keys, do:
 | |
| 
 | |
|   cp server.key idp2/pki/mykey.pem
 | |
|   cp server.crt idp2/pki/mycert.pem
 | |
| 
 | |
|   cp server.key sp-wsgi/pki/mykey.pem
 | |
|   cp server.crt sp-wsgi/pki/mycert.pem
 | |
| 
 | |
| EOH
 |