xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-26 03:19:48 +00:00
Code Issues Projects Releases Wiki Activity

Fix SUSE certificate handling

Browse Source 
SUSE requires things go through update-ca-certificates,
update the generated certs and the post to do that.
This commit is contained in:
Jarrod Johnson 2020-05-18 19:37:54 -04:00
parent b9cdf0d941
commit 540d0e1795
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
confluent_osdeploy/suse15/profiles/hpc/scripts/post.sh
View File

@ -44,4 +44,5 @@ cp /tmp/confluent.* /mnt/etc/confluent/
cp -a /tls /mnt/etc/confluent/
cp -a /tls/* /mnt/var/lib/ca-certificates/openssl
cp -a /tls/* /mnt/etc/ssl/certs
cp -a /tls/*.cert /etc/pki/trust/anchors

2
confluent_server/bin/confluentcertutil.py
View File

@ -53,7 +53,7 @@ def create_certificate(outdir):
shutil.copy2(sslcfg, tmpconfig)
try:
with open(tmpconfig, 'a') as cfgfile:
cfgfile.write('\n[SAN]\nsubjectAltName={0}'.format(san))
cfgfile.write('\n[SAN]i\nbasicConstraints = CA:true\nsubjectAltName={0}'.format(san))
subprocess.check_call([
'openssl', 'req', '-new', '-x509', '-key', keyout, '-days',
'7300', '-out', certout, '-subj', '/CN={0}'.format(longname),