particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tools: Add internal container names to certs

Browse source 
We add both localhost and the internal container names of each service
to the certificates so both VM and containerised setups should work with
the same setup.
This commit is contained in:
Achilleas Koutsou 2021-01-15 16:09:09 +01:00 committed by Tom Gundersen
parent 0069f9d3f9
commit 4b1581a71c
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tools/gen-certs.sh
View file

@ -45,7 +45,7 @@ pushd "$CADIR"
-new -nodes \
-out /tmp/composer-csr.pem \
-subj "/CN=localhost/emailAddress=osbuild@example.com" \
-addext "subjectAltName=DNS:localhost"
-addext "subjectAltName=DNS:localhost, DNS:composer"
openssl ca -batch -config "$OPENSSL_CONFIG" \
-extensions osbuild_server_ext \
@ -58,7 +58,7 @@ pushd "$CADIR"
-new -nodes \
-out /tmp/worker-csr.pem \
-subj "/CN=localhost/emailAddress=osbuild@example.com" \
-addext "subjectAltName=DNS:localhost"
-addext "subjectAltName=DNS:localhost, DNS:worker"
openssl ca -batch -config "$OPENSSL_CONFIG" \
-extensions osbuild_client_ext \