|
|
|
@ -170,18 +170,15 @@ keyUsage = critical, digitalSignature, keyEncipherment, keyCertSign
|
|
|
|
|
[ v3_req_server ]
|
|
|
|
|
basicConstraints = CA:FALSE
|
|
|
|
|
keyUsage = critical, digitalSignature, keyEncipherment
|
|
|
|
|
extendedKeyUsage = serverAuth
|
|
|
|
|
subjectAltName = @alt_names
|
|
|
|
|
[ alt_names ]"
|
|
|
|
|
extendedKeyUsage = serverAuth"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if [ $ARG_NOSAN -ne 1 ]; then
|
|
|
|
|
if [ -z $ARG_NOSAN ]; then
|
|
|
|
|
# Gather IPs for SAN
|
|
|
|
|
|
|
|
|
|
i=1
|
|
|
|
|
IPS="$(getent ahostsv4 $(hostname) | awk '{print $1}' |sort | uniq)"
|
|
|
|
|
echo "[${ME}] Found these IPs: " ${IPS}
|
|
|
|
|
PAYLOAD="$(for IP in $IPS; do echo "IP.${i} = ${IP}" ; i=$((i + 1)); done)"
|
|
|
|
|
PAYLOAD="subjectAltName = @alt_names\n[ alt_names ]\n$(for IP in $IPS; do echo "IP.${i} = ${IP}" ; i=$((i + 1)); done)"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
printf "${OPENSSL_CONFIG_CONTENT}\n${PAYLOAD}\n" > "${OPENSSL_CONFIG}"
|
|
|
|
|