From: Gunnar Beutner Date: Wed, 27 Jun 2012 07:10:37 +0000 (+0200) Subject: Combine private and public keys into one file. X-Git-Tag: v0.0.1~358 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a9d865c94f8221596a0c89d1fd8adcad2d4f38f4;p=icinga2 Combine private and public keys into one file. --- diff --git a/icinga-app/icinga-c1.crt b/icinga-app/icinga-c1.crt deleted file mode 100644 index 02201e448..000000000 --- a/icinga-app/icinga-c1.crt +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICtzCCAiCgAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ -MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO -RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw -NDI0MTE0NzQ2WhcNMTMwNDI0MTE0NzQ2WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE -CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT -IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw -gYkCgYEAysHrzHs9WfQR4cEUx2hFZQmbM+Ssi5L63yqnzxEvVQ3GlM+uIceK1Kvx -9EexoUDLhxJOaUmigc6Pcs2mAjcpEwObnzW4pLuMKa7ngGLrnUpmmDXdGoxkCbi7 -CP3s5yC7ZZ6bDiPMhRi/TRvY6+uQf+yew5daA3p87jocgRjhRicCAwEAAaN7MHkw -CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy -dGlmaWNhdGUwHQYDVR0OBBYEFPzsYbQZdbq+pcFJWoenWREW6WhMMB8GA1UdIwQY -MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAMLP1GJf -0hFdrEpGq+NvxTVx7wD30enAot5x2HLx4HuFohQJz/VZ45v+srrA+HEXbBFXPOd4 -nB2XtcDDidFKTt5E03HBwDGGZvnB3f1KXYi7B50imKrwVVzgp5nGBM4hSzWGovEX -EYofmhk0fQg9qiKQrjwNib/4/b0srwEswfdj ------END CERTIFICATE----- diff --git a/icinga-app/icinga-c1.key b/icinga-app/icinga-c1.key deleted file mode 100644 index 9f28765bb..000000000 --- a/icinga-app/icinga-c1.key +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMrB68x7PVn0EeHB -FMdoRWUJmzPkrIuS+t8qp88RL1UNxpTPriHHitSr8fRHsaFAy4cSTmlJooHOj3LN -pgI3KRMDm581uKS7jCmu54Bi651KZpg13RqMZAm4uwj97Ocgu2Wemw4jzIUYv00b -2OvrkH/snsOXWgN6fO46HIEY4UYnAgMBAAECgYBj/1QOG1HcxXT0REe9OP3QoPY8 -l7FJfQnheqYch7syVYL07aBR5Jnh3ZONCLbgcpZuXWbyonBVWMyCsE4Jla7ZYnBB -plZPMYmzGxEbTM5Bu+PZ0M1NLvdLCRq24IVwTZwBBZ3sr7rVSnAYi2Li0SWQEaCN -P+PbZP1P9i9WiI+VIQJBAPYBfVWNk3gY1V0YuuH9fmYRBg5/B1qy8bYS9FLVIq2z -5r7eI1EypcVtyTx6yMmLuWj4mpNOKv5sxQsHalzRo18CQQDS/qPoDqMkDB9r9XeZ -qS2XQdX6YxzGisqL8vWcZ/Y6YX81qm3Lpp2wEexUXvWXRI5RdguctZFKTVyG/Mic -C9o5AkAEtvKX+SaiXpd4OUkbm6gYfKsJDBYv/s3zF1nnXH5VpeT+M3Op0raqmfgJ -WLEQa8UZ5enQeOcKCTudgn7fWIUxAkEAmXWfXP6YZXVzvR+xt08225aEvTItEbKM -krFJNlLe4aNb1Hp6lO5ALnk6vDq8wSKZqGIFHBtq6vHNZFiix+xO8QJAIZ3pB/Bz -Il8NjZMg8t/1sJdn32Xe9D0lZRtZTKC8zF/78NDFEo9qqE4Sr1CUfqlx18HXOxCO -Vg4lv6+jUj+LmA== ------END PRIVATE KEY----- \ No newline at end of file diff --git a/icinga-app/icinga-c2.crt b/icinga-app/icinga-c2.crt deleted file mode 100644 index b3aaa1b7d..000000000 --- a/icinga-app/icinga-c2.crt +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICtzCCAiCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJERTEQ -MA4GA1UECAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxO -RVRXQVlTIEdtYkgxHDAaBgNVBAMME0ljaW5nYSBTbmFrZSBPaWwgQ0EwHhcNMTIw -NDI0MTE0NzU1WhcNMTMwNDI0MTE0NzU1WjBeMQswCQYDVQQGEwJERTEQMA4GA1UE -CAwHQmF2YXJpYTESMBAGA1UEBwwJTnVyZW1iZXJnMRUwEwYDVQQKDAxORVRXQVlT -IEdtYkgxEjAQBgNVBAMMCWljaW5nYS1jMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw -gYkCgYEArOcVui1AWojbPuK/7We9uwIBLaOLfBxQRI3+k6PzzjdtaXT4ijT/DSav -Q5U4wGOLYh0yuSyqS88QX/DsqDGLXnSVs8mT37bioMOw2XinqaNQ6xK4vyi0FYxS -ewI6YOkYi7135NEaSUgd82hk4wFtiIb67T7hkHRc7Aui6FmT/SkCAwEAAaN7MHkw -CQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2Vy -dGlmaWNhdGUwHQYDVR0OBBYEFGvpolD5na6L70kNFO1tYGYIwDhqMB8GA1UdIwQY -MBaAFNVJHVPJNwqEcG51lpqZJWVPaysFMA0GCSqGSIb3DQEBBQUAA4GBAIhhjKWw -5JKirNidgG9PuD8x47VsRTkESLlq/pS7KjkE1nWCG9JpR5oVSzx2WXomiaAZ4q2C -WS1z4HD9HF4NbhY+xVBi0Fj/kotuXCCweRo5EVp7Q4fabm1maJemFwMTHGhBLu7a -v4dquYyOk9Dhkwcjajyn+KWceCoUTdI3LB2t ------END CERTIFICATE----- \ No newline at end of file diff --git a/icinga-app/icinga-c2.key b/icinga-app/icinga-c2.key deleted file mode 100644 index 6ddda8609..000000000 --- a/icinga-app/icinga-c2.key +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKznFbotQFqI2z7i -v+1nvbsCAS2ji3wcUESN/pOj8843bWl0+Io0/w0mr0OVOMBji2IdMrksqkvPEF/w -7Kgxi150lbPJk9+24qDDsNl4p6mjUOsSuL8otBWMUnsCOmDpGIu9d+TRGklIHfNo -ZOMBbYiG+u0+4ZB0XOwLouhZk/0pAgMBAAECgYEAkbEavslYm7EMRX4dyXcMCaNT -yNgxNcBJ5qpbpJ6XVuGfoSf+Mb8cV0GMl38K1hpLHb6Kujwntz9ghedmEwfEbcw0 -TkSaNz1+7omM+485S2YvXJyR1kO8eEKONVlGuxgO/ItiR+e1J6wMnY5JhctgRH6W -aOqy+5Ua1ATIdiOYrI0CQQDku3CNDOipwDmguBIrlxa+6NsATJRjqFmHqWdu2pYh -KRl3Sypn+LfhdFRbo3licU5a1OqydGmVpRTpQPJO7MoHAkEAwYPQIGZd/60O2LWV -M5eLnwKrrQSfrQ/Lngz0Qko4Yo913Ef2PC2QQ6p9cOt3vMPZDK5znlzQbBCa6cAH -tBvzTwJAT+uaaP5wsRdkS17lomt5XB1aoCEh3Cxvk/JCHL6tpEqLBl6yI4AJJ/KQ -ozBccmQqv5wToWUBm3MB+nph7+fWswJAMKcQQ6UZCvganHeCzJbUXqUQPo7ECoHH -IrSFEMmSRY1mB3z8NoMKG0kZArPgxc/DmUGfBfi12gWOvSgvh6PjVwJBALKECoe5 -nmxhHTFbs4+UCFTzp6BGtSBdr6to0ID7ykZWT6kBX/BHUnoJUEpDtNLXzbek/KeI -ymg0LgRkHoWNpLY= ------END PRIVATE KEY----- \ No newline at end of file diff --git a/icinga-app/icinga-c3.crt b/icinga-app/icinga-c3.crt deleted file mode 100644 index 450b60b6c..000000000 --- a/icinga-app/icinga-c3.crt +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICNTCCAZ4CAQQwDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCREUxEDAOBgNV -BAgMB0JhdmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZ -UyBHbWJIMRwwGgYDVQQDDBNJY2luZ2EgU25ha2UgT2lsIENBMB4XDTEyMDUwODA3 -MzkxOVoXDTIyMDUwNjA3MzkxOVowXjELMAkGA1UEBhMCREUxEDAOBgNVBAgMB0Jh -dmFyaWExEjAQBgNVBAcMCU51cmVtYmVyZzEVMBMGA1UECgwMTkVUV0FZUyBHbWJI -MRIwEAYDVQQDDAlpY2luZ2EtYzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB -AKFf+UkCgbNtEP0OoeF+K02L5SRlqkkkp6eaieh0IN7NNAxeELcGpZmycv4sHp30 -qv0zDtKU1HYrpm8TEBsz2AoT+J36QT9IysfcWdM9o3WZGMDUVqYBUscurkxBQJCK -cFwXijTJ8Djn82xVgNUm/E44AdbrIwUlx23yllErx8hfAgMBAAEwDQYJKoZIhvcN -AQEFBQADgYEAsZOKZQ2+ksPiNTCJrY+uiUZs6lFSbcJ9BHHaAt0ytQPiblufz3xl -AR5Hza5fHt+lN9aGxM7TWMhjZHhmoctSRz8AW1KZTdbxJhRdbqmBjl95c2wBiDxs -ERpyU9m9Rp42IjTyU4Vr/yO7DgMcG2k4KYzNquA5O8rqqtPRAp3H6n0= ------END CERTIFICATE----- \ No newline at end of file diff --git a/icinga-app/icinga-c3.key b/icinga-app/icinga-c3.key deleted file mode 100644 index 1f7118cca..000000000 --- a/icinga-app/icinga-c3.key +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQChX/lJAoGzbRD9DqHhfitNi+UkZapJJKenmonodCDezTQMXhC3 -BqWZsnL+LB6d9Kr9Mw7SlNR2K6ZvExAbM9gKE/id+kE/SMrH3FnTPaN1mRjA1Fam -AVLHLq5MQUCQinBcF4o0yfA45/NsVYDVJvxOOAHW6yMFJcdt8pZRK8fIXwIDAQAB -AoGASJwWXnNySHlam4Jp9DwA3/OCNs5HwIFtrkwqoR0fbSCHusjYXIHxISbZ9uOD -Iy9jgGno0XeF4WXijTfWl2bMXYWTS7ISMBg96bPZtG/RTdgd1LT69s82a+apbgSd -bxB64cyn8KtuABfZ9AMR+TV28TDmnGMdhVoaM66iWKv4a4ECQQDNmk3NTZ+s/y5F -5qOgJqH5yX1hZLLmm8e8lpghqDT43HR3cMJLN6b5oS1UdMcEw1Q6q3hjFl+MbnZa -AzvzpT9DAkEAyO5YdpbRG1OR7sNmidowvr1NkIjV/C4UuSpGrx9XJFAZkLxEEmMu -13QssdHjAkX5yFjkoNPC+wA6DeVjtvHatQJBAMG1qavOgKyLV9t/65XOEDm5Pqnu -KCfhiZQDBp5fTllRy2FlGYmoi2cSFhVGWOQB7G/CchBZWfiDcnpoJanufOUCQGr7 -bKKHnoKcNmEYLOpNABMum7PPB5AjwOjt94CagT1WYKZNdzkLEg+pTXrIM8QsGdhw -bBqtZW1bK43mivcHQtkCQF+p7LfzmPo9uzRrOfjgTDYLuh3MD8EKNs0M6l15UqbQ -nfBBE0oIPH4j+K++7xWUQ7vbiyBc7C7H3NZeE6xqfS0= ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/icinga-app/icinga-checker1.conf b/icinga-app/icinga-checker1.conf new file mode 100644 index 000000000..15b09ff75 --- /dev/null +++ b/icinga-app/icinga-checker1.conf @@ -0,0 +1,25 @@ +local object application "icinga" { + ca = "ca.crt", + cert = "icinga-c2.pem" +} + +local object component "checker" { +} + +local object component "discovery" { + broker = 0 +} + +/* trusted upstream endpoint */ +local object endpoint "icinga-c1" { + node = "192.168.5.46", + service = 7777, + + roles = { "all" } +} + +local object role "all" { + publications = { "*" }, + subscriptions = { "*" } +} + diff --git a/icinga-app/icinga-checker2.conf b/icinga-app/icinga-checker2.conf new file mode 100644 index 000000000..b249de745 --- /dev/null +++ b/icinga-app/icinga-checker2.conf @@ -0,0 +1,24 @@ +local object application "icinga" { + cert = "icinga-c3.pem", + ca = "ca.crt" +} + +local object component "checker" { +} + +local object component "discovery" { + broker = 0 +} + +/* trusted upstream endpoint */ +local object endpoint "icinga-c1" { + node = "192.168.5.46", + service = 7777, + + roles = { "all" } +} + +local object role "all" { + publications = { "*" }, + subscriptions = { "*" } +} diff --git a/icinga-app/icinga1.conf b/icinga-app/icinga1.conf index 9dbfb2a56..fc7ba8ebd 100644 --- a/icinga-app/icinga1.conf +++ b/icinga-app/icinga1.conf @@ -1,7 +1,6 @@ local object application "icinga" { - privkey = "icinga-c1.key", - pubkey = "icinga-c1.crt", - cakey = "ca.crt", + ca = "ca.crt", + cert = "icinga-c1.pem", node = "10.0.10.14", service = 7777 diff --git a/icinga-app/icinga2.conf b/icinga-app/icinga2.conf index 085f76297..0b0b85532 100644 --- a/icinga-app/icinga2.conf +++ b/icinga-app/icinga2.conf @@ -1,8 +1,7 @@ local object application "icinga" { - privkey = "icinga-c2.key", - pubkey = "icinga-c2.crt", + ca = "ca.crt", + cert = "icinga-c2.pem", - cakey = "ca.crt", node = "192.168.2.235", service = 7777 } diff --git a/icinga-app/icinga3.conf b/icinga-app/icinga3.conf index 26042a03f..1793167f8 100644 --- a/icinga-app/icinga3.conf +++ b/icinga-app/icinga3.conf @@ -1,7 +1,6 @@ local object application "icinga" { - privkey = "icinga-c3.key", - pubkey = "icinga-c3.crt", - cakey = "ca.crt", + ca = "ca.crt", + cert = "icinga-c3.pem", node = "10.0.10.14", service = 9999 diff --git a/icinga/icingaapplication.cpp b/icinga/icingaapplication.cpp index 7955eb161..b2f8b5575 100644 --- a/icinga/icingaapplication.cpp +++ b/icinga/icingaapplication.cpp @@ -75,20 +75,19 @@ int IcingaApplication::Main(const vector& args) if (!icingaConfig->IsLocal()) throw runtime_error("'icinga' application object must be 'local'."); - icingaConfig->GetProperty("privkey", &m_PrivateKeyFile); - icingaConfig->GetProperty("pubkey", &m_PublicKeyFile); - icingaConfig->GetProperty("cakey", &m_CAKeyFile); + icingaConfig->GetProperty("cert", &m_CertificateFile); + icingaConfig->GetProperty("ca", &m_CAFile); icingaConfig->GetProperty("node", &m_Node); icingaConfig->GetProperty("service", &m_Service); - if (!GetPrivateKeyFile().empty() && !GetPublicKeyFile().empty() && !GetCAKeyFile().empty()) { + if (!GetCertificateFile().empty() && !GetCAFile().empty()) { /* set up SSL context */ - shared_ptr cert = Utility::GetX509Certificate(GetPublicKeyFile()); + shared_ptr cert = Utility::GetX509Certificate(GetCertificateFile()); string identity = Utility::GetCertificateCN(cert); Application::Log(LogInformation, "icinga", "My identity: " + identity); m_EndpointManager->SetIdentity(identity); - shared_ptr sslContext = Utility::MakeSSLContext(GetPublicKeyFile(), GetPrivateKeyFile(), GetCAKeyFile()); + shared_ptr sslContext = Utility::MakeSSLContext(GetCertificateFile(), GetCertificateFile(), GetCAFile()); m_EndpointManager->SetSSLContext(sslContext); } @@ -136,19 +135,14 @@ void IcingaApplication::DeletedComponentHandler(const ConfigObject::Ptr& object) UnregisterComponent(component); } -string IcingaApplication::GetPrivateKeyFile(void) const +string IcingaApplication::GetCertificateFile(void) const { - return m_PrivateKeyFile; + return m_CertificateFile; } -string IcingaApplication::GetPublicKeyFile(void) const +string IcingaApplication::GetCAFile(void) const { - return m_PublicKeyFile; -} - -string IcingaApplication::GetCAKeyFile(void) const -{ - return m_CAKeyFile; + return m_CAFile; } string IcingaApplication::GetNode(void) const diff --git a/icinga/icingaapplication.h b/icinga/icingaapplication.h index 4dbfb00d2..438a1866c 100644 --- a/icinga/icingaapplication.h +++ b/icinga/icingaapplication.h @@ -38,18 +38,16 @@ public: EndpointManager::Ptr GetEndpointManager(void); - string GetPrivateKeyFile(void) const; - string GetPublicKeyFile(void) const; - string GetCAKeyFile(void) const; + string GetCertificateFile(void) const; + string GetCAFile(void) const; string GetNode(void) const; string GetService(void) const; private: EndpointManager::Ptr m_EndpointManager; - string m_PrivateKeyFile; - string m_PublicKeyFile; - string m_CAKeyFile; + string m_CertificateFile; + string m_CAFile; string m_Node; string m_Service;