Apply automatic changes

docs/development-ca.md

@@ -41,7 +41,7 @@ certtool --generate-self-signed --load-privkey rootca-key.pem --outfile rootca-c
 <!-- MARKDOWN-AUTO-DOCS:START (CODE:src=../docs/scripts/createWebserverCertForITest.sh&lines=11-55) -->
 <!-- The below code snippet is automatically added from ../docs/scripts/createWebserverCertForITest.sh -->
 ```sh
-cd ~/${FOLDERNAME}
+pushd ~/${FOLDERNAME}
 
 certtool --generate-privkey --outfile testserver-key.pem
 
@@ -66,12 +66,14 @@ certtool --generate-certificate --load-privkey testserver-key.pem --outfile test
 
 cat testserver.crt rootca-cert.pem >bundle.crt
 
-SSL_CERTIFICATE=$(
+export SSL_CERTIFICATE=$(
 echo "$PWD/bundle.crt"
 )
-SSL_CERTIFICATE_KEY=$(
+export SSL_CERTIFICATE_KEY=$(
 echo "$PWD/testserver-key.pem"
 )
+
+popd
 ```
 <!-- MARKDOWN-AUTO-DOCS:END -->
 

docs/install-server-certificate.md

@@ -50,13 +50,11 @@ finds your your private key and the certificate chain.
 <!-- MARKDOWN-AUTO-DOCS:START (CODE:src=../docs/scripts/TLSConfigsForITest.sh&lines=31-37) -->
 <!-- The below code snippet is automatically added from ../docs/scripts/TLSConfigsForITest.sh -->
 ```sh
-        listen 443 ssl default_server; # ipv4
-        listen [::]:443 ssl http2 default_server;  # ipv6
-
         ssl_certificate  '${SSL_CERTIFICATE}'; # e.g. ssl_certificate /etc/ssl/csaf/bundle.crt
         ssl_certificate_key '${SSL_CERTIFICATE_KEY}'; # e.g. ssl_certificate_key /etc/ssl/csaf/testserver-key.pem;
 
         ssl_protocols TLSv1.2 TLSv1.3;
+' > ~/${FOLDERNAME}/TLSConfigs.txt
 ```
 <!-- MARKDOWN-AUTO-DOCS:END -->
 

docs/provider-setup.md

@@ -120,6 +120,27 @@ This needs to set the `password` option in `config.toml`.
 
 To let nginx resolves the DNS record `csaf.data.security.domain.tld` to fulfill the [Requirement 10](https://docs.oasis-open.org/csaf/csaf/v2.0/cs01/csaf-v2.0-cs01.html#7110-requirement-10-dns-path) configure a new server block (virtual host) in a separated file under `/etc/nginx/available-sites/{DNSNAME}` like following:
 <!-- MARKDOWN-AUTO-DOCS:START (CODE:src=../docs/scripts/DNSConfigForItest.sh&lines=18-35) -->
+<!-- The below code snippet is automatically added from ../docs/scripts/DNSConfigForItest.sh -->
+```sh
+    server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        ssl_certificate  '${SSL_CERTIFICATE}'; # e.g. ssl_certificate /etc/ssl/csaf/bundle.crt
+        ssl_certificate_key '${SSL_CERTIFICATE_KEY}'; # e.g. ssl_certificate_key /etc/ssl/csaf/testserver-key.pem;
+
+        root /var/www/html;
+
+        server_name ${DNS_NAME}; # e.g. server_name csaf.data.security.domain.tld;
+
+        location / {
+                try_files /.well-known/csaf/provider-metadata.json =404;
+        }
+
+        access_log /var/log/nginx/dns-domain_access.log;
+        error_log /var/log/nginx/dns-domain_error.log;
+}
+```
 <!-- MARKDOWN-AUTO-DOCS:END -->
 
 Then create a symbolic link to enable the new server block: