|
|
@ -17,10 +17,15 @@ cp dns.conf /etc/unbound/unbound.conf.d/ |
|
|
|
|
|
|
|
# Install smallstep CA / ACME server |
|
|
|
cd /tmp |
|
|
|
wget https://github.com/smallstep/cli/releases/download/v0.17.2/step-cli_0.17.2_amd64.deb |
|
|
|
dpkg -i step-cli_0.17.2_amd64.deb |
|
|
|
wget https://github.com/smallstep/certificates/releases/download/v0.17.2/step-ca_0.17.2_amd64.deb |
|
|
|
dpkg -i step-ca_0.17.2_amd64.deb |
|
|
|
wget "https://dl.smallstep.com/gh-release/cli/gh-release-header/v0.24.4/step-cli_0.24.4_amd64.deb" |
|
|
|
dpkg -i step-cli_0.24.4_amd64.deb |
|
|
|
wget "https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.24.2/step-ca_0.24.2_amd64.deb" |
|
|
|
dpkg -i step-ca_0.24.2_amd64.deb |
|
|
|
|
|
|
|
echo "password" > /root/ca-passwordfile |
|
|
|
step ca init --deployment-type=standalone --name="Kaz CA" --dns="ca.mica.sns" --acme --address=":443" --provisioner="contact@kaz.sns" --password-file="/root/ca-passwordfile" |
|
|
|
echo -e '#!/bin/sh\nstep-ca --password-file /root/ca-passwordfile' >> /etc/rc.local |
|
|
|
chmod +x /etc/rc.local |
|
|
|
|
|
|
|
# step ca init |
|
|
|
# step ca root root.crt |
|
|
|