Commit 25019aaf authored by Stefan Fritsch's avatar Stefan Fritsch

Always put the common name also in the SubjectAltName

parent 4f2db9b9
ssl-cert (1.0.39) UNRELEASED; urgency=medium
* Always put the common name also in the SubjectAltName. This is required
to make newer web browsers happy. Closes: #861185
The wording in the debconf questions will be adjusted later, to avoid
having to fix so many translation shortly before the release.
-- Stefan Fritsch <sf@debian.org> Fri, 28 Apr 2017 21:54:42 +0200
ssl-cert (1.0.38) unstable; urgency=medium
* Update Turkish translation. Thanks to Atila KOÇ. Closes: #807559
......
......@@ -32,8 +32,10 @@ ask_via_debconf() {
db_input high make-ssl-cert/altname || true
db_go
db_get make-ssl-cert/altname
AltName="$RET"
AddAltName="$RET"
db_fset make-ssl-cert/altname seen false
SubjectAltName="DNS:$HostName"
[ -z "$AddAltName" ] || SubjectAltName="$SubjectAltName,$AddAltName"
}
make_snakeoil() {
......@@ -44,15 +46,14 @@ make_snakeoil() {
echo make-ssl-cert: 'make-ssl-cert generate-default-snakeoil --force-overwrite'
echo make-ssl-cert: again.
fi
SubjectAltName="DNS:$HostName"
if [ ${#HostName} -gt 64 ] ; then
AltName="DNS:$HostName"
HostName="$(hostname)"
fi
}
create_temporary_cnf() {
sed -e s#@HostName@#"$HostName"# $template > $TMPFILE
[ -z "$AltName" ] || echo "subjectAltName=$AltName" >> $TMPFILE
sed -e s#@HostName@#"$HostName"# -e s#@SubjectAltName@#"$SubjectAltName"# $template > $TMPFILE
}
# Takes two arguments, the base layout and the output cert.
......
......@@ -18,3 +18,4 @@ commonName = @HostName@
[ v3_req ]
basicConstraints = CA:FALSE
subjectAltName = @SubjectAltName@
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment