From 94ecdf7fd62d040f6ea43d078621742b4cb493bc Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Thu, 8 Mar 2018 17:31:51 -0500
Subject: [PATCH] support non-ssl installations

---
 util/Setup/CertBuilder.cs        | 18 +++++++++++-------
 util/Setup/NginxConfigBuilder.cs |  4 ++--
 util/Setup/Program.cs            |  2 +-
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/util/Setup/CertBuilder.cs b/util/Setup/CertBuilder.cs
index a2c82bc36c..a1ca290b89 100644
--- a/util/Setup/CertBuilder.cs
+++ b/util/Setup/CertBuilder.cs
@@ -23,13 +23,17 @@ namespace Bit.Setup
             var selfSignedSsl = false;
             if(!Ssl)
             {
-                Directory.CreateDirectory($"/bitwarden/ssl/self/{Domain}/");
-                Console.WriteLine("Generating self signed SSL certificate.");
-                Ssl = selfSignedSsl = true;
-                Helpers.Exec("openssl req -x509 -newkey rsa:4096 -sha256 -nodes -days 365 " +
-                    $"-keyout /bitwarden/ssl/self/{Domain}/private.key " +
-                    $"-out /bitwarden/ssl/self/{Domain}/certificate.crt " +
-                    $"-subj \"/C=US/ST=New York/L=New York/O=8bit Solutions LLC/OU=Bitwarden/CN={Domain}\"");
+                Console.Write("(!) Do you want to generate a self-signed SSL certificate? (y/n): ");
+                if(Console.ReadLine().ToLowerInvariant() == "y")
+                {
+                    Directory.CreateDirectory($"/bitwarden/ssl/self/{Domain}/");
+                    Console.WriteLine("Generating self signed SSL certificate.");
+                    Ssl = selfSignedSsl = true;
+                    Helpers.Exec("openssl req -x509 -newkey rsa:4096 -sha256 -nodes -days 365 " +
+                        $"-keyout /bitwarden/ssl/self/{Domain}/private.key " +
+                        $"-out /bitwarden/ssl/self/{Domain}/certificate.crt " +
+                        $"-subj \"/C=US/ST=New York/L=New York/O=8bit Solutions LLC/OU=Bitwarden/CN={Domain}\"");
+                }
             }
 
             if(LetsEncrypt)
diff --git a/util/Setup/NginxConfigBuilder.cs b/util/Setup/NginxConfigBuilder.cs
index 490ceed3cd..06f058e182 100644
--- a/util/Setup/NginxConfigBuilder.cs
+++ b/util/Setup/NginxConfigBuilder.cs
@@ -9,8 +9,8 @@ namespace Bit.Setup
             "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:" +
             "DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:" +
             "ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:" +
-            "ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:" +
-            "AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:@STRENGTH";
+            "ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:" +
+            "AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:@STRENGTH";
 
         public NginxConfigBuilder(string domain, string url, bool ssl, bool selfSignedSsl, bool letsEncrypt)
         {
diff --git a/util/Setup/Program.cs b/util/Setup/Program.cs
index dc4cc495b8..79e9384c44 100644
--- a/util/Setup/Program.cs
+++ b/util/Setup/Program.cs
@@ -78,7 +78,7 @@ namespace Bit.Setup
                 {
                     Directory.CreateDirectory($"/bitwarden/ssl/{domain}/");
                     Console.WriteLine("Make sure 'certificate.crt' and 'private.key' are provided in the " +
-                        "appropriate directory (see setup instructions).");
+                        "appropriate directory (see docs for info).");
                 }
             }