Last active
May 2, 2018 07:35
-
-
Save avigail-oron/f5553c59050646534cb7e78fca0c307f to your computer and use it in GitHub Desktop.
Setting up Passe-partout on ubuntu 16.0.4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //based on: https://serverfault.com/questions/549298/retrieving-an-rsa-key-from-a-running-instance-of-apache | |
| //Setup | |
| //------ | |
| sudo apt-get install make | |
| sudo apt install gcc | |
| sudo apt-get install openssl | |
| //make sure it's openssl 1.0.x and not 1.1.x, passe-partout doesn't support it | |
| sudo apt-get install libssl-dev | |
| //get passe-partout files: | |
| git clone <cloned-repo> | |
| //build passe-partout: | |
| sudo ./build.sh | |
| //Harvest the private keys from Apache2 memory: | |
| //--------------------------------------------- | |
| //fetch apache2 main process id, via 'ps -ef|grep apache2' or 'service apache2 status' | |
| //run passpartout as root and provide apache2 process id: | |
| ./passe-partout <apache2 pid> | |
| //the key file will be created in current directory | |
| //Verify: | |
| //------ | |
| //note - the file contents will not match the private key file contents. to verify it matches you need to: | |
| //1. run the following on the public certificate: | |
| openssl x509 -noout -modulus -in /etc/ssl/certs/apache-selfsigned.crt |openssl md5 | |
| //2. run the following on passe-partout's generated key file: | |
| openssl rsa -noout -modulus -in id_rsa-0.key |openssl md5 | |
| if the 2 outputs matches - this is the correct key! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment