Commit 1bfe2c68 authored by Leigh B Stoller's avatar Leigh B Stoller

Merge branch 'master' of git-public.flux.utah.edu:/flux/git/emulab-devel

parents 13419d72 0786a006
......@@ -132,13 +132,16 @@ if( $? == -1 ) {
die( "refusing to overwrite $originalfile" );
rename( "$TB/etc/emulab.pem", "$originalfile" ) or
die( "could not rename root certificate" );
my $serial = TBGetUniqueIndex( "user_sslcerts" );
# Save the new certificate to a temporary file: OpenSSL will reuse the
# plain text from the old certificate instead of the current version,
# so we regenerate the whole thing once we've finished to avoid
# horrible confusion.
system( "$OPENSSL x509 -days 2000 -text -extfile $extfile " .
"-signkey $TB/etc/emulab.key < $originalfile " .
"> $TB/etc/emulab.tmp" );
"-set_serial $serial -signkey $TB/etc/emulab.key " .
"< $originalfile > $TB/etc/emulab.tmp" );
# For some reason, OpenSSL can return non-zero even when the certificate
# generation succeeded. Check the output file instead.
if( !( -s "$TB/etc/emulab.tmp" ) ) {
......
......@@ -15,7 +15,7 @@ L = @SSLCERT_LOCALITY@
O = @SSLCERT_ORGNAME@
OU = Server
# tmcc uses CN for verification.
CN = @BOSSNODE@
CN = @WWWHOST@
emailAddress = @TBOPSEMAIL@
[ req_attributes ]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment