openstack/devstack
Code Issues Proposed changes

Merge "Allow IP-based subject alt names"

Browse Source
This commit is contained in:
Zuul 2020-07-07 08:43:50 +00:00 committed by Gerrit Code Review
commit d3b41b528d
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/tls
View File

@ -249,9 +249,13 @@ function make_cert {
if [ "$common_name" != "$SERVICE_HOST" ]; then if [ "$common_name" != "$SERVICE_HOST" ]; then
if is_ipv4_address "$SERVICE_HOST" ; then if is_ipv4_address "$SERVICE_HOST" ; then
if [[ -z "$alt_names" ]]; then
alt_names="IP:$SERVICE_HOST"
else
alt_names="$alt_names,IP:$SERVICE_HOST" alt_names="$alt_names,IP:$SERVICE_HOST"
fi fi
fi fi
fi
# Only generate the certificate if it doesn't exist yet on the disk # Only generate the certificate if it doesn't exist yet on the disk
if [ ! -r "$ca_dir/$cert_name.crt" ]; then if [ ! -r "$ca_dir/$cert_name.crt" ]; then