mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-23 21:55:52 -05:00
Added support for intermediate CA certs in web server TLS.
This commit is contained in:
parent
4dfc83f09e
commit
5e00e61d08
@ -154,6 +154,19 @@ module.exports.CertificateOperations = function () {
|
||||
r.agent = { cert: agentCertificate, key: agentPrivateKey };
|
||||
rcount++;
|
||||
}
|
||||
|
||||
// If CA certificates are present, load them
|
||||
var caok, caindex = 1, calist = [];
|
||||
do {
|
||||
caok = false;
|
||||
if (obj.fileExists(directory + '/webserver-cert-chain' + caindex + '.crt')) {
|
||||
var caCertificate = obj.fs.readFileSync(directory + '/webserver-cert-chain' + caindex + '.crt', 'utf8');
|
||||
calist.push(caCertificate);
|
||||
caok = true;
|
||||
}
|
||||
caindex++;
|
||||
} while (caok == true);
|
||||
r.calist = calist;
|
||||
|
||||
// Decode certificate arguments
|
||||
var commonName = 'un-configured', country, organization;
|
||||
@ -226,7 +239,7 @@ module.exports.CertificateOperations = function () {
|
||||
agentPrivateKey = r.agent.key
|
||||
}
|
||||
|
||||
var r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, CommonName: commonName, RootName: rootName };
|
||||
var r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, calist: calist, CommonName: commonName, RootName: rootName };
|
||||
if (func != undefined) { func(r); }
|
||||
return r;
|
||||
}
|
||||
|
@ -436,7 +436,6 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
|
||||
case 'iplocation':
|
||||
{
|
||||
// Sent by the agent to update location information
|
||||
console.log(command);
|
||||
if ((command.type == 'publicip') && (command.value != null) && (typeof command.value == 'object') && (command.value.ip) && (command.value.loc)) {
|
||||
var x = {};
|
||||
x.publicip = command.value.ip;
|
||||
|
@ -299,7 +299,7 @@ function CreateMeshCentralServer() {
|
||||
}
|
||||
|
||||
// Setup and start the redirection server if needed
|
||||
if (obj.args.redirport != undefined && typeof obj.args.redirport == 'number') {
|
||||
if ((obj.args.redirport != undefined) && (typeof obj.args.redirport == 'number') && (obj.args.redirport != 0)) {
|
||||
obj.redirserver = require('./redirserver.js').CreateRedirServer(obj, obj.db, obj.args, obj.certificates);
|
||||
}
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "meshcentral",
|
||||
"version": "0.0.7-o",
|
||||
"version": "0.0.7-p",
|
||||
"keywords": [
|
||||
"Remote Management",
|
||||
"Intel AMT",
|
||||
|
@ -89,7 +89,7 @@ module.exports.CreateWebServer = function (parent, db, args, secret, certificate
|
||||
// Setup the HTTP server with TLS
|
||||
//var certOperations = require('./certoperations.js').CertificateOperations();
|
||||
//var webServerCert = certOperations.GetWebServerCertificate('./data', 'SampleServer.org', 'US', 'SampleOrg');
|
||||
obj.tlsServer = require('https').createServer({ cert: obj.certificates.web.cert, key: obj.certificates.web.key, rejectUnauthorized: true }, obj.app);
|
||||
obj.tlsServer = require('https').createServer({ cert: obj.certificates.web.cert, key: obj.certificates.web.key, ca: obj.certificates.calist, rejectUnauthorized: true }, obj.app);
|
||||
obj.expressWs = require('express-ws')(obj.app, obj.tlsServer);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user