generate unique ca names based off of server id

Keagan McClelland
2022-06-06 18:53:55 -06:00
parent 183c5cda14
commit 334437f677


@@ -164,7 +164,8 @@ impl SslManager {
let (root_key, root_cert) = match store.load_root_certificate().await? {
None => {
let root_key = generate_key()?;
let root_cert = make_root_cert(&root_key)?;
let server_id = crate::hostname::get_id().await?;
let root_cert = make_root_cert(&root_key, &server_id)?;
store.save_root_certificate(&root_key, &root_cert).await?;
Ok::<_, Error>((root_key, root_cert))
}
@@ -307,7 +308,7 @@ fn generate_key() -> Result<PKey<Private>, Error> {
Ok(key)
}
#[instrument]
fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
fn make_root_cert(root_key: &PKey<Private>, server_id: &str) -> Result<X509, Error> {
let mut builder = X509Builder::new()?;
builder.set_version(CERTIFICATE_VERSION)?;
@@ -320,7 +321,8 @@ fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
builder.set_serial_number(&*rand_serial()?)?;
let mut subject_name_builder = X509NameBuilder::new()?;
subject_name_builder.append_entry_by_text("CN", "Embassy Local Root CA")?;
subject_name_builder
.append_entry_by_text("CN", &format!("Embassy Local Root CA ({})", server_id))?;
subject_name_builder.append_entry_by_text("O", "Start9")?;
subject_name_builder.append_entry_by_text("OU", "Embassy")?;
let subject_name = subject_name_builder.build();
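Review bot: `server_id` is interpolated into the subject CN without any length or content check, in the new `append_entry_by_text("CN", ...)` call of the last hunk. X.509 caps commonName at 64 characters and OpenSSL normally rejects a longer entry, so with the 24 characters of fixed text an id longer than 40 characters would make root generation fail through the `?`; the format returned by `get_id()` is not visible here, so this may never happen in practice. I would state the assumption on `make_root_cert`, for example `/// server_id is embedded in the subject CN so each server's root CA has a distinct name; the resulting CN must fit in 64 characters.` The call site also sits in the `None =>` arm, so a server that already has a stored root keeps the old shared name; that looks intended, since reissuing would break trust already installed on clients, but it is worth stating in the commit message. The body of `make_root_cert` continues outside these hunks.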