Set secure umask when generating key
This commit is contained in:
John W. O'Brien
parent
78915896d5
commit
a8a5672c34
3
acme.sh
3
acme.sh
@ -979,6 +979,8 @@ _createkey() {
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
(
|
||||||
|
umask 0077
|
||||||
if _isEccKey "$length"; then
|
if _isEccKey "$length"; then
|
||||||
_debug "Using ec name: $eccname"
|
_debug "Using ec name: $eccname"
|
||||||
${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -genkey 2>/dev/null >"$f"
|
${ACME_OPENSSL_BIN:-openssl} ecparam -name "$eccname" -genkey 2>/dev/null >"$f"
|
||||||
@ -986,6 +988,7 @@ _createkey() {
|
|||||||
_debug "Using RSA: $length"
|
_debug "Using RSA: $length"
|
||||||
${ACME_OPENSSL_BIN:-openssl} genrsa "$length" 2>/dev/null >"$f"
|
${ACME_OPENSSL_BIN:-openssl} genrsa "$length" 2>/dev/null >"$f"
|
||||||
fi
|
fi
|
||||||
|
)
|
||||||
|
|
||||||
if [ "$?" != "0" ]; then
|
if [ "$?" != "0" ]; then
|
||||||
_err "Create key error."
|
_err "Create key error."
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user