https://issues.shibboleth.net/jira/browse/SSPCPP-106

[shibboleth/cpp-sp.git] / configs / keygen.sh

diff --git a/configs/keygen.sh b/configs/keygen.sh
index 5ae60db..a8cd80f 100755 (executable)
--- a/configs/keygen.sh
+++ b/configs/keygen.sh
@@ -60,14 +60,10 @@ subjectAltName=$ALTNAME
 subjectKeyIdentifier=hash
 EOF
 
+umask 177
 if [ -z "$BATCH" ] ; then
     openssl req -config sp-cert.cnf -new -x509 -days $DAYS -keyout sp-key.pem -out sp-cert.pem
 else
     openssl req -config sp-cert.cnf -new -x509 -days $DAYS -keyout sp-key.pem -out sp-cert.pem 2> /dev/null
 fi
-
 rm sp-cert.cnf
-
-if  [ -s sp-key.pem ] ; then
-    chmod 600 sp-key.pem
-fi