Commit ffc77695 authored by Dimitris Aragiorgis's avatar Dimitris Aragiorgis Committed by Stratos Psomadakis

deploy: Fix CA creation

The CN of the certificate should match with the server's domain
name. Fix this.
Signed-off-by: default avatarDimitris Aragiorgis <dimitris.aragiorgis@gmail.com>
parent 2312ade3
......@@ -35,7 +35,7 @@ openssl genpkey -algorithm RSA -out $KEY -pkeyopt rsa_keygen_bits:2048
echo [$CSR] Generating certificate request for services...
openssl req -new -key $KEY -days 1096 -extensions v3_ca -batch \
-out $CSR -utf8 -subj '/OU=SynnefoCloudServices/CN=synnefo.live'
-out $CSR -utf8 -subj '/OU=SynnefoCloudServices/CN=%DOMAIN%'
echo [$CERT] Generating certificate for services...
openssl x509 -req -sha256 -days 1096 -in $CSR \
......
......@@ -583,7 +583,7 @@ class CA(base.Component):
"domain": self.node.domain,
}
return [
("/root/create_root_ca.sh", {}, {"mode": 0755}),
("/root/create_root_ca.sh", r1, {"mode": 0755}),
("/root/ca/ca-x509-extensions.cnf", r1, {}),
("/root/ca/x509-extensions.cnf", r1, {}),
]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment