Browse Source

Désactiver host apache par défaut et empécher vérif SSL lors de la récupération des certifs de l'IDP

Teddy Cornaut 2 months ago
parent
commit
b7c37830b6
3 changed files with 8 additions and 3 deletions
  1. 6
    2
      creolefuncs/certificates.py
  2. 1
    0
      postservice/61-pve
  3. 1
    1
      tmpl/msebundle-apache.conf

+ 6
- 2
creolefuncs/certificates.py View File

@@ -6,10 +6,14 @@ def getIDPCert(idp_url, key_type):
6 6
     import urllib2
7 7
     import re
8 8
     import yaml
9
+    import ssl
9 10
 
11
+    ctx = ssl.create_default_context()
12
+    ctx.check_hostname = False
13
+    ctx.verify_mode = ssl.CERT_NONE
10 14
 
11 15
     try:
12
-        dom = minidom.parse(urllib2.urlopen(idp_url))
16
+        dom = minidom.parse(urllib2.urlopen(idp_url, context=ctx))
13 17
         keyDescriptors = dom.getElementsByTagName('KeyDescriptor');
14 18
     except:
15 19
         return ""
@@ -25,7 +29,7 @@ def getIDPCert(idp_url, key_type):
25 29
                 resTmp = "        - " + resTmp + " \n"
26 30
                 res += resTmp
27 31
     res += "\n"
28
-    
32
+
29 33
     return res
30 34
 
31 35
 def getEOLECert(eole_cert_path, output_path):

+ 1
- 0
postservice/61-pve View File

@@ -85,6 +85,7 @@ function synchroHost()
85 85
     done
86 86
 
87 87
     # Redémarrage service apache
88
+    cmd="${cmd} a2dissite 000-default;"
88 89
     cmd="${cmd} a2ensite mse;"
89 90
     cmd="${cmd} service php5.6-fpm restart;"
90 91
     cmd="${cmd} service apache2 restart;"

+ 1
- 1
tmpl/msebundle-apache.conf View File

@@ -1,6 +1,6 @@
1 1
 <VirtualHost *:80>
2 2
     ServerName %%pvebundle_domain
3
-    ServerAlias %%pvebundle_alias
3
+    ServerAlias %%pvebundle_alias %%nom_domaine_machine
4 4
 
5 5
     TimeOut %%mseTimeout
6 6
     ProxyTimeout %%mseProxyTimeout