From 272c232efb645c9f7d75556aeb047e13b244c9ed Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Thu, 1 May 2014 11:48:03 +0200 Subject: Implemented SSL connection for WebAdmin. Fixes FS-319. --- MCServer/.gitignore | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'MCServer') diff --git a/MCServer/.gitignore b/MCServer/.gitignore index 32a634a03..6da9aa7c7 100644 --- a/MCServer/.gitignore +++ b/MCServer/.gitignore @@ -30,3 +30,7 @@ motd.txt *.xml mcserver_api.lua +# Ignore the webadmin certs / privkey, so that no-one commits theirs by accident: +webadmin/httpscert.crt +webadmin/httpskey.pem + -- cgit v1.2.3 From cf821bc9a4b156d6ffb8a79502936a1de36bb074 Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Thu, 1 May 2014 11:48:45 +0200 Subject: Added scripts for generating HTTPS cert and key. --- MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd | 9 +++++++++ MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh | 10 ++++++++++ 2 files changed, 19 insertions(+) create mode 100644 MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd create mode 100644 MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh (limited to 'MCServer') diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd new file mode 100644 index 000000000..5257e1bd6 --- /dev/null +++ b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd @@ -0,0 +1,9 @@ +echo This script generates the certificate and private key for the https webadmin +echo Note that the generated certificate is self-signed, and therefore not trusted by browsers +echo Note that this script requires openssl to be installed and in PATH +echo. +echo When OpenSSL asks you for Common Name, you need to enter the fully qualified domain name of the server, that is, e. g. gallery.xoft.cz +echo. + +openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.crt -days 3650 -nodes +pause \ No newline at end of file diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh new file mode 100644 index 000000000..0c8594f1a --- /dev/null +++ b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +echo "This script generates the certificate and private key for the https webadmin" +echo "Note that the generated certificate is self-signed, and therefore not trusted by browsers" +echo "Note that this script requires openssl to be installed and in PATH" +echo "" +echo "When OpenSSL asks you for Common Name, you need to enter the fully qualified domain name of the server, that is, e. g. gallery.xoft.cz" +echo "" + +openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.pem -days 3650 -nodes \ No newline at end of file -- cgit v1.2.3 From dc2d2ce53c2f751f72217a26d4f68d72f5f0f5f0 Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Thu, 1 May 2014 12:27:07 +0200 Subject: Added a mention to run as admin. --- MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd | 2 ++ 1 file changed, 2 insertions(+) (limited to 'MCServer') diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd index 5257e1bd6..661cc34e8 100644 --- a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd +++ b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd @@ -4,6 +4,8 @@ echo Note that this script requires openssl to be installed and in PATH echo. echo When OpenSSL asks you for Common Name, you need to enter the fully qualified domain name of the server, that is, e. g. gallery.xoft.cz echo. +echo If OpenSSL fails with an error, "WARNING: can't open config file: /usr/local/ssl/openssl.cnf", you need to run this script as an administrator +echo. openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.crt -days 3650 -nodes pause \ No newline at end of file -- cgit v1.2.3 From e3d850b24a66cb926fced7b98eea6ed4d12b5f6f Mon Sep 17 00:00:00 2001 From: Mattes D Date: Fri, 2 May 2014 21:35:30 +0000 Subject: Made the cert generation script executable on Linux --- MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh (limited to 'MCServer') diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh old mode 100644 new mode 100755 -- cgit v1.2.3 From 45ca5bb857dbe418d59bdfcf9109b5aab2144b59 Mon Sep 17 00:00:00 2001 From: madmaxoft Date: Wed, 7 May 2014 15:09:25 +0200 Subject: Fixed cert filename in Linux script. --- MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd | 2 +- MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'MCServer') diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd index 661cc34e8..3ea6963b4 100644 --- a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd +++ b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.cmd @@ -8,4 +8,4 @@ echo If OpenSSL fails with an error, "WARNING: can't open config file: /usr/loca echo. openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.crt -days 3650 -nodes -pause \ No newline at end of file +pause diff --git a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh index 0c8594f1a..5cf1237c8 100755 --- a/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh +++ b/MCServer/webadmin/GenerateSelfSignedHTTPSCertUsingOpenssl.sh @@ -7,4 +7,4 @@ echo "" echo "When OpenSSL asks you for Common Name, you need to enter the fully qualified domain name of the server, that is, e. g. gallery.xoft.cz" echo "" -openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.pem -days 3650 -nodes \ No newline at end of file +openssl req -x509 -newkey rsa:2048 -keyout httpskey.pem -out httpscert.crt -days 3650 -nodes -- cgit v1.2.3