From: Aaron Klingaman <alk@cs.princeton.edu>
Date: Wed, 28 Jun 2006 20:44:17 +0000 (+0000)
Subject: allow apache to read PLC_MA_SA_SSL_KEY so it can make user certs
X-Git-Tag: myplc-0_4-rc1~7
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=04ff6b3bf7aa6288fe80d4859016a11c8e764907;p=myplc.git

allow apache to read PLC_MA_SA_SSL_KEY so it can make user certs
---

diff --git a/plc.d/ssl b/plc.d/ssl
index 0615d75..5f15cff 100755
--- a/plc.d/ssl
+++ b/plc.d/ssl
@@ -7,7 +7,7 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2006 The Trustees of Princeton University
 #
-# $Id: ssl,v 1.4 2006/04/25 21:18:19 mlhuang Exp $
+# $Id: ssl,v 1.5 2006/06/23 21:47:18 mlhuang Exp $
 #
 
 # Source function library and configuration
@@ -105,6 +105,10 @@ case "$1" in
 	    mkcert "$PLC_NAME Management and Slice Authority" \
 		$PLC_MA_SA_SSL_KEY $PLC_MA_SA_SSL_CRT
 
+	    # make readable by apache to sign certificates
+	    chown apache $PLC_MA_SA_SSL_KEY
+	    chmod 600 $PLC_MA_SA_SSL_KEY
+
 	    # API requires a public key for slice ticket verification
 	    openssl rsa -pubout <$PLC_MA_SA_SSL_KEY >$PLC_MA_SA_SSL_KEY_PUB
 	    check