diff --git a/entrypoint.sh b/entrypoint.sh
index 859fc47ee8cfb3d876c85745bd6436277c7c7a60..58029d7fb71084420de5d28a6c0ab55d889f29d4 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -29,6 +29,8 @@ if [ ! -f /etc/apache2/saml2/idp.xml ]; then
 curl $IDP_METADATA > /etc/apache2/saml2/idp.xml
 fi
+sed -i "/{{HOST}}/${HOST}/" /etc/apache2/conf-enabled/mod_auth_mellon.conf
+
 # Create mod_auth_mellon service provider config
 if [ ! -f /etc/apache2/saml2/sp.xml ]; then
 pushd /etc/apache2/saml2
@@ -37,6 +39,7 @@ if [ ! -f /etc/apache2/saml2/sp.xml ]; then
 mv http*.xml sp.xml
 mv http*.key sp.key
 mv http*.cert sp.cert
+ chmod 644 sp.key
 popd
 fi
diff --git a/mod_auth_mellon.conf b/mod_auth_mellon.conf
index 7b9b0ac8897216a1915dd16eea2cd91c06e2035d..28b8bf705cf6d41eb7725d2b1823ef4b6fc63b6e 100644
--- a/mod_auth_mellon.conf
+++ b/mod_auth_mellon.conf
@@ -1,3 +1,5 @@
+ServerName https://{{HOST}}
+
 <Location / >
 MellonEnable info
 MellonEndpointPath /mellon
@@ -5,6 +7,7 @@
 MellonSPCertFile /etc/apache2/saml2/sp.cert
 MellonSPMetadataFile /etc/apache2/saml2/sp.xml
 MellonIdPMetadataFile /etc/apache2/saml2/idp.xml
+ MellonSignatureMethod rsa-sha256
 </Location>
 <Location /admin >
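Review bot: The `sed` expression added in the first entrypoint.sh hunk has no `s` command, so `/{{HOST}}/` is parsed as an address and the start of `$HOST` as a sed command rather than as replacement text. The placeholder is then not substituted, and `ServerName https://{{HOST}}` in mod_auth_mellon.conf would stay literal. `HOST` is also expanded into the expression unchecked, so an empty value, or one containing the delimiter, `&` or a backslash, changes what ends up in the Apache config. I would write `sed -i "s|{{HOST}}|${HOST:?HOST must be set}|g" /etc/apache2/conf-enabled/mod_auth_mellon.conf` and validate `HOST` against a hostname pattern beforehand, since the value presumably feeds the URLs the service provider presents to the IdP.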
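Review bot: `chmod 644 sp.key` in the second entrypoint.sh hunk makes the service provider's private key readable by every user and process in the container, and anyone holding that key can sign SAML messages as this SP. If the intent is only to let Apache read it, restrict it to that account: `chmod 600 sp.key` when the key is loaded while Apache still runs as root, otherwise `chgrp <apache-group> sp.key && chmod 640 sp.key` (group name is a placeholder). The enclosing `if [ ! -f /etc/apache2/saml2/sp.xml ]` block opens outside the hunk, so the mode is only set when the key is first generated; a key already present on the volume keeps whatever mode it has.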
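Review bot: `MellonSignatureMethod rsa-sha256` in the second mod_auth_mellon.conf hunk is added without a comment, and nothing visible confirms that the installed mod_auth_mellon recognises the directive. A build that predates it would, as far as I can tell, reject the configuration at startup. A comment above the line such as `# Sign outgoing SAML messages with RSA-SHA256 explicitly; requires a mod_auth_mellon build that supports MellonSignatureMethod` would record the reason and the dependency. The `<Location / >` block opens outside this hunk, and it is worth confirming that the IdP accepts SHA-256-signed requests before rollout.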