search

wazuh / wazuh-packages

Wazuh - Tools for packages creation
https://wazuh.com
GNU General Public License v2.0
98 stars 89 forks source link

Remove debug variable in Admin certificate generation #2815

Closed davidcr01 closed 5 months ago

davidcr01 commented 5 months ago

Description

Related: https://github.com/wazuh/wazuh/issues/21799 Related: https://github.com/wazuh/wazuh-packages/issues/2787

It has been found that the WIA stills generates the ++-++ output when generating the Admin certificates:

07/02/2024 13:18:27 INFO: Generating Admin certificates.
Generating RSA private key, 2048 bit long modulus
..................+++
..+++

It seems that a debug variable was not removed from the following function, which is generating the mentioned output:

function cert_generateAdmincertificate() {

    common_logger "Generating Admin certificates."
    common_logger -d "Generating Admin private key."
    cert_executeAndValidate "openssl genrsa -out ${cert_tmp_path}/admin-key-temp.pem 2048 ${debug}"
    common_logger -d "Converting Admin private key to PKCS8 format."
    cert_executeAndValidate "openssl pkcs8 -inform PEM -outform PEM -in ${cert_tmp_path}/admin-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out ${cert_tmp_path}/admin-key.pem"
    common_logger -d "Generating Admin CSR."
    cert_executeAndValidate "openssl req -new -key ${cert_tmp_path}/admin-key.pem -out ${cert_tmp_path}/admin.csr -batch -subj '/C=US/L=California/O=Wazuh/OU=Wazuh/CN=admin'"
    common_logger -d "Creating Admin certificate."
    cert_executeAndValidate "openssl x509 -days 3650 -req -in ${cert_tmp_path}/admin.csr -CA ${cert_tmp_path}/root-ca.pem -CAkey ${cert_tmp_path}/root-ca.key -CAcreateserial -sha256 -out ${cert_tmp_path}/admin.pem"

}
davidcr01 commented 5 months ago

Update Report

Development

The debug variable has been removed and the output is not displayed anymore:

[root@al2 vagrant]# bash wazuh-install.sh -g
09/02/2024 11:07:12 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
09/02/2024 11:07:12 INFO: Verbose logging redirected to /var/log/wazuh-install.log
09/02/2024 11:07:16 INFO: Verifying that your system meets the recommended minimum hardware requirements.
09/02/2024 11:07:16 INFO: --- Configuration files ---
09/02/2024 11:07:16 INFO: Generating configuration files.
09/02/2024 11:07:17 INFO: Generating the root certificate.
09/02/2024 11:07:17 INFO: Generating Admin certificates.
09/02/2024 11:07:17 INFO: Generating Wazuh indexer certificates.
09/02/2024 11:07:17 INFO: Generating Filebeat certificates.
09/02/2024 11:07:17 INFO: Generating Wazuh dashboard certificates.
09/02/2024 11:07:17 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.

[root@al2 vagrant]# cat /var/log/wazuh-install.log 
09/02/2024 11:07:12 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
09/02/2024 11:07:12 INFO: Verbose logging redirected to /var/log/wazuh-install.log
09/02/2024 11:07:16 INFO: Verifying that your system meets the recommended minimum hardware requirements.
09/02/2024 11:07:16 INFO: --- Configuration files ---
09/02/2024 11:07:16 INFO: Generating configuration files.
09/02/2024 11:07:17 INFO: Generating the root certificate.
09/02/2024 11:07:17 INFO: Generating Admin certificates.
09/02/2024 11:07:17 INFO: Generating Wazuh indexer certificates.
09/02/2024 11:07:17 INFO: Generating Filebeat certificates.
09/02/2024 11:07:17 INFO: Generating Wazuh dashboard certificates.
09/02/2024 11:07:17 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
[root@al2 vagrant]#