Skip to content

Commit 21ea886

Browse files
thejsjthejsj
committed
Fix changes in genClientCert
1 parent dea7658 commit 21ea886

1 file changed

Lines changed: 4 additions & 9 deletions

File tree

ansible/roles/docker_client/scripts/genClientCert.sh

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -6,16 +6,11 @@ fi
66

77
echo 'WARN: hard coded alpha-api-old gamma-services and beta-services for SWARM'
88
if [[ $2 = '' ]]; then
9-
echo 'script requires a client ip address'
10-
exit 1
11-
fi
12-
13-
if [[ $3 = '' ]]; then
149
echo 'script requires a path for secrets'
1510
exit 1
1611
fi
1712

18-
CERT_PATH=$3
13+
CERT_PATH=$2
1914
if [ ! -d "$CERT_PATH" ]; then
2015
echo 'The specified directory for certs does not exist'
2116
fi
@@ -37,12 +32,12 @@ openssl req \
3732
chmod 400 "$CLIENT/client.csr"
3833

3934
echo extendedKeyUsage=clientAuth,serverAuth > "$CLIENT/extfile.cnf"
40-
echo subjectAltName=IP:$2 >> "$CLIENT/extfile.cnf"
35+
echo subjectAltName=IP:IP:127.0.0.1,DNS:localhost,DNS:swarm >> "$CLIENT/extfile.cnf"
4136

4237
# generate cert for client
4338
openssl x509 \
4439
-req \
45-
-days 365 \
40+
-days 3650 \
4641
-sha256 \
4742
-in "$CLIENT/client.csr" \
4843
-CA $CERT_PATH/ca.pem \
@@ -58,4 +53,4 @@ chmod 644 "$CLIENT/key.pem"
5853

5954
# cleanup files we do not need
6055
rm $CLIENT/extfile.cnf
61-
rm -f $CLIENT/client.csr
56+
rm $CLIENT/client.csr

0 commit comments

Comments
 (0)