<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
le build 5998 hash(3fe6476d) en nightly corrige ce problème.<br>
<br>
il faut effacer les clé et certificat du nginx avant de lancer le
postconf.sh <br>
<tt><br>
</tt><tt>cd</tt><tt><br>
</tt><tt>rm tis-waptserver*.deb tis-waptsetup*.deb </tt><tt><br>
</tt><tt>wget
<a class="moz-txt-link-freetext" href="https://wapt.tranquil.it/wapt/nightly/wapt-1.7.4.0-5998-3fe6476d/tis-waptserver-1.7.4.0-tisdeb9-5998-3fe6476d.deb">https://wapt.tranquil.it/wapt/nightly/wapt-1.7.4.0-5998-3fe6476d/tis-waptserver-1.7.4.0-tisdeb9-5998-3fe6476d.deb</a></tt><tt><br>
</tt><tt>wget
<a class="moz-txt-link-freetext" href="https://wapt.tranquil.it/wapt/nightly/wapt-1.7.4.0-5998-3fe6476d/tis-waptsetup-1.7.4.0-tisdeb9-5998-3fe6476d.deb">https://wapt.tranquil.it/wapt/nightly/wapt-1.7.4.0-5998-3fe6476d/tis-waptsetup-1.7.4.0-tisdeb9-5998-3fe6476d.deb</a></tt><tt><br>
</tt><tt>
dpkg -i tis-waptserver*.deb</tt><tt><br>
</tt><tt>
dpkg -i tis-waptsetup*.deb</tt><tt><br>
</tt><tt>rm /opt/wapt/waptserver/ssl/*.pem</tt><tt><br>
</tt><tt>/opt/wapt/waptserver/scripts/postconf.sh</tt><tt><br>
</tt><tt><br>
</tt><tt># verif</tt><tt><br>
</tt><tt>openssl x509 -in /opt/wapt/waptserver/ssl/cert.pem -text
-noout</tt><br>
<br>
<br>
<br>
<div class="moz-cite-prefix">Le 03/04/2019 à 11:49, Hubert TOUVET a
écrit :<br>
</div>
<blockquote type="cite"
cite="mid:0bf802af-e30d-ca7b-b5f0-652470774757@tranquil.it">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Effectivement, dans le posconf serveur linux, le certificat n'a
pas de subjectAltName.<br>
Vous pouvez recréer la clé et le certificat pour le nginx sur le
serveur avec la commande (une seule ligne !) : <br>
<br>
<tt>openssl req -new -x509 -newkey rsa:2048 -nodes -days 3650 -out
/opt/wapt/waptserver/ssl/cert.pem -keyout
/opt/wapt/waptserver/ssl/key.pem -subj
/C=FR/ST=Wapt/L=Wapt/O=Wapt/CN=wapt2.insa-rennes.fr -reqexts SAN
-extensions SAN -config <(cat /etc/ssl/openssl.cnf
<(printf "[SAN]\nsubjectAltName=DNS:wapt2.insa-rennes.fr"))</tt><br>
<br>
<br>
Je corrige le script en conséquence pour les prochaines
versions...<br>
<br>
<br>
<div class="moz-cite-prefix">Le 02/04/2019 à 09:04, Frederic
Garesche a écrit :<br>
</div>
<blockquote type="cite"
cite="mid:972296910.527979.1554188653207.JavaMail.zimbra@insa-rennes.fr">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<div style="font-family: Andale Mono; font-size: 12pt; color:
#000000">
<div>Bonjour,<br>
</div>
<div><br data-mce-bogus="1">
</div>
<div>On a installer un serveur debian 9 avec wapt en 1.7.3.11.<br
data-mce-bogus="1">
</div>
<div>Généré le cetificat avec postconf<br data-mce-bogus="1">
</div>
<div><br>
</div>
<div>Et maintenant à chaque construction de paquet, on a :<br
data-mce-bogus="1">
</div>
<div><br data-mce-bogus="1">
</div>
<div>C:\wapt\lib\site-packages\urllib3\connection.py:362:
SubjectAltNameWarning: Certificate for wapt2.insa-rennes.fr
has no `subjectAltName`, falling back to check for a
`commonName` for now. This feature is being removed by major
browsers and deprecated by RFC 2818. (See <a
class="moz-txt-link-freetext"
href="https://github.com/shazow/urllib3/issues/497"
moz-do-not-send="true">https://github.com/shazow/urllib3/issues/497</a>
for details.)<br>
SubjectAltNameWarning<br data-mce-bogus="1">
</div>
<div><br data-mce-bogus="1">
</div>
<div>Comment faire pour ajouter
<!--StartFragment-->SubjectAltName<!--EndFragment--> dans le
certificat ?<br data-mce-bogus="1">
</div>
<div><br data-mce-bogus="1">
</div>
<div>Cordialement,<br data-mce-bogus="1">
</div>
<div><br data-mce-bogus="1">
</div>
<div data-marker="__SIG_PRE__">
<div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;"><b><span style="color: #333333;">Frédéric
GARESCHÉ</span><br>
</b></div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;"><span style="color: #808080;"><b>Équipe
Assistance et Exploitation<br>
</b></span></div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;"><span style="color: #808080;"><b>Direction du
Système d'Information (D.S.I)</b></span></div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;"><span style="color: #808080;"><b>Correspondant
Département EII et laboratoire IETR<br>
</b>Tél. : +33 (0)2 23 2<strong>3 82 81</strong></span></div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;">
<div><span style="color: #808080;">20 avenue des Buttes
de Coësmes</span><br>
<span style="color: #808080;">CS 70839 - 35 708 RENNES
Cedex 7</span></div>
</div>
<div style="color: #5e5e5d; font-size: 13px; font-family:
arial;"><span style="color: #808080;"></span><br>
</div>
<a href="https://www.insa-rennes.fr" target="_blank"
moz-do-not-send="true"><img
src="http://ressources.insa-rennes.fr/images/logos/logo-INSARennes_mail.jpg"
alt=""
data-mce-src="http://ressources.insa-rennes.fr/images/logos/logo-INSARennes_mail.jpg"
moz-do-not-send="true"></a><br>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
WAPT mailing list
<a class="moz-txt-link-abbreviated" href="mailto:WAPT@lists.tranquil.it" moz-do-not-send="true">WAPT@lists.tranquil.it</a>
<a class="moz-txt-link-freetext" href="http://lists.tranquil.it/listinfo/wapt" moz-do-not-send="true">http://lists.tranquil.it/listinfo/wapt</a>
</pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
WAPT mailing list
<a class="moz-txt-link-abbreviated" href="mailto:WAPT@lists.tranquil.it">WAPT@lists.tranquil.it</a>
<a class="moz-txt-link-freetext" href="http://lists.tranquil.it/listinfo/wapt">http://lists.tranquil.it/listinfo/wapt</a>
</pre>
</blockquote>
<br>
</body>
</html>