allow apache to read PLC_MA_SA_SSL_KEY so it can make user certs

author Aaron Klingaman <alk@cs.princeton.edu>

Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)

committer Aaron Klingaman <alk@cs.princeton.edu>

Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)
author Aaron Klingaman <alk@cs.princeton.edu>
Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)
committer Aaron Klingaman <alk@cs.princeton.edu>
Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)
diff --git a/plc.d/ssl b/plc.d/ssl

index 0615d75..5f15cff 100755 (executable)
--- a/plc.d/ssl
+++ b/plc.d/ssl
@@ -7,7 +7,7 @@
  # Mark Huang <mlhuang@cs.princeton.edu>
  # Copyright (C) 2006 The Trustees of Princeton University
  #
-# $Id: ssl,v 1.4 2006/04/25 21:18:19 mlhuang Exp $
+# $Id: ssl,v 1.5 2006/06/23 21:47:18 mlhuang Exp $
  #
  
  # Source function library and configuration
@@ -105,6 +105,10 @@ case "$1" in
             mkcert "$PLC_NAME Management and Slice Authority" \
                 $PLC_MA_SA_SSL_KEY $PLC_MA_SA_SSL_CRT
  
+           # make readable by apache to sign certificates
+           chown apache $PLC_MA_SA_SSL_KEY
+           chmod 600 $PLC_MA_SA_SSL_KEY
+
             # API requires a public key for slice ticket verification
             openssl rsa -pubout <$PLC_MA_SA_SSL_KEY >$PLC_MA_SA_SSL_KEY_PUB
             check
author	Aaron Klingaman <alk@cs.princeton.edu>
	Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)
committer	Aaron Klingaman <alk@cs.princeton.edu>
	Wed, 28 Jun 2006 20:44:17 +0000 (20:44 +0000)