Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:latest:cli_examples [2019/05/15 09:31]
127.0.0.1 external edit
documentation:latest:cli_examples [2019/11/22 19:21] (current)
Line 2: Line 2:
  
 This page shows some examples of LL::NG Command Line Interface. See [[configlocation#​command_line_interface_cli|how to use the command]]. This page shows some examples of LL::NG Command Line Interface. See [[configlocation#​command_line_interface_cli|how to use the command]].
 +
 +===== Save/​restore configuration =====
 +
 +This part requires LLNG 2.0.5 at least.
 +
 +Save:
 +<code sh>
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli save >​config.json
 +</​code>​
 +
 +Restore:
 +<code shell>
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli restore config.json
 +# Or
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli restore - <​config.json
 +</​code>​
  
 ===== Configure HTTPS ===== ===== Configure HTTPS =====
Line 11: Line 27:
     set \     set \
         portal https://​auth.example.com \         portal https://​auth.example.com \
 +        mailUrl https://​auth.example.com/​resetpwd \
 +        registerUrl https://​auth.example.com/​register \
         https 1 \         https 1 \
         securedCookie 1         securedCookie 1
Line 184: Line 202:
 ===== Configure SAML Identity Provider ===== ===== Configure SAML Identity Provider =====
  
-Activate the SAML Issuer:+You can then generate a private key and a self-signed certificate with these commands;
 <​code>​ <​code>​
-/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \ +openssl req -new -newkey rsa:​4096 ​-keyout saml.key ​-nodes  -out saml.pem -x509 -days 3650
-    set \ +
-        issuerDBSAMLActivation 1+
 </​code>​ </​code>​
  
-You can then generate a private key and a self-signed ​certificate ​with these commands;+Fix the certificate ​key format (you can skip this step if you are running >= 2.0.6)
 <​code>​ <​code>​
-openssl req -new -newkey rsa:​4096 ​-keyout ​saml.key ​-nodes ​ -out saml.pem -x509 -days 3650+sed -e "s/END PRIVATE/END RSA PRIVATE/"​ \ 
 +    ​-e "​s/​BEGIN PRIVATE/​BEGIN RSA PRIVATE/"​ \ 
 +    ​-saml.key
 </​code>​ </​code>​
  
-Import them in configuration:+Import them in configuration ​and activate the SAML issuer
 <​code>​ <​code>​
 /​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \ /​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \
     set \     set \
         samlServicePrivateKeySig "`cat saml.key`"​ \         samlServicePrivateKeySig "`cat saml.key`"​ \
-        samlServicePublicKeySig "`cat saml.pem`"​+        samlServicePublicKeySig "`cat saml.pem`" ​
 +        issuerDBSAMLActivation 1
 </​code>​ </​code>​
  
Line 329: Line 348:
 </​code>​ </​code>​
  
 +===== Encryption key =====
 +
 +To update the master encryption key:
 +<​code>​
 +/​usr/​share/​lemonldap-ng/​bin/​lemonldap-ng-cli -yes 1 \
 +    set \
 +        key '​xxxxxxxxxxxxxxx'​
 +</​code>​