xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-26 19:40:12 +00:00
Code Issues Projects Releases Wiki Activity
2,512 Commits 39 Branches 63 Tags 18 MiB
f7dcabc1ab
Commit Graph

8 Commits

Author SHA1 Message Date
Jarrod Johnson
051b8259fd Update certutil to update site tls 
This puts the certificate in a location
to be picked up by installers,
complete with subject_hash
so that SuSE can easily pull
them in.
 2020-04-22 13:33:31 -04:00
Jarrod Johnson
a3f7fc12b5 Include fe80 in cert 
fe80 is needed and a valid
thing to assert.
 2020-04-10 09:59:53 -04:00
Jarrod Johnson
8fb206b1f7 Fix cert util on pythoen3 
python 3 had bytes and not str and need to be
decoded before string operations.
 2020-03-16 09:27:34 -04:00
Jarrod Johnson
6ade0952c7 Workaround incorrect TLS clients 
Standards compliant TLS clients require
that IP addresses be compared against
IP type SAN fields.

However, some firmware ignores IP fields and only checks DNS fields.

Workaround and provide compatibility
by duplicating the IP as DNS and IP fields.

Also, clean up the temporary config file when done.
 2020-03-12 19:06:05 -04:00
Jarrod Johnson
114324f513 Add CA to self signed cert constraints 
Some applications require this be set for it to work
as an enrolled certificate.  Notably UEFI
requires this.
 2020-02-24 15:34:55 -05:00
Jarrod Johnson
3bc366bef4 Fix mistake in the cert util 2020-02-03 15:37:20 -05:00
Jarrod Johnson
4dab5fc527 Adapt to RHEL or Debian openssl config locations 2019-08-05 16:16:42 -04:00
Jarrod Johnson
8a03bc48de Tentatively store certutil 
Commit to repository, even though not yet used.  It is likely to
be renamed.  The purpose is to help generate an appropriate self signed
cert for https including all the ip addresses as subject alternative
names so that names or addresses may be used with installers that
have had the cert injected.
 2018-12-11 13:51:46 -05:00