Commit ffc77695 authored by Dimitris Aragiorgis's avatar Dimitris Aragiorgis Committed by Stratos Psomadakis

deploy: Fix CA creation

The CN of the certificate should match with the server's domain
name. Fix this.
Signed-off-by: default avatarDimitris Aragiorgis <>
parent 2312ade3
......@@ -35,7 +35,7 @@ openssl genpkey -algorithm RSA -out $KEY -pkeyopt rsa_keygen_bits:2048
echo [$CSR] Generating certificate request for services...
openssl req -new -key $KEY -days 1096 -extensions v3_ca -batch \
-out $CSR -utf8 -subj '/OU=SynnefoCloudServices/'
-out $CSR -utf8 -subj '/OU=SynnefoCloudServices/CN=%DOMAIN%'
echo [$CERT] Generating certificate for services...
openssl x509 -req -sha256 -days 1096 -in $CSR \
......@@ -583,7 +583,7 @@ class CA(base.Component):
"domain": self.node.domain,
return [
("/root/", {}, {"mode": 0755}),
("/root/", r1, {"mode": 0755}),
("/root/ca/ca-x509-extensions.cnf", r1, {}),
("/root/ca/x509-extensions.cnf", r1, {}),
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment