From e59acb4b02b689021906923095f4104c30734751 Mon Sep 17 00:00:00 2001 From: Matt Shin Date: Wed, 15 Mar 2017 10:08:45 +0000 Subject: [PATCH] Fix common name of SSL cert Use suite host name instead of suite name. --- lib/cylc/suite_srv_files_mgr.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/lib/cylc/suite_srv_files_mgr.py b/lib/cylc/suite_srv_files_mgr.py index 4618682c8f3..199e70c04e6 100644 --- a/lib/cylc/suite_srv_files_mgr.py +++ b/lib/cylc/suite_srv_files_mgr.py @@ -425,12 +425,12 @@ def register(self, reg, source=None): random.sample(self.PASSPHRASE_CHARSET, self.PASSPHRASE_LEN))) # Load or create SSL private key for the suite. - pkey_obj = self._get_ssl_pem(srv_d, reg) + pkey_obj = self._get_ssl_pem(srv_d) # Load or create SSL certificate for the suite. - self._get_ssl_cert(srv_d, reg, pkey_obj) + self._get_ssl_cert(srv_d, pkey_obj) - def _get_ssl_pem(self, path, reg): + def _get_ssl_pem(self, path): """Load or create ssl.pem file for suite in path. Key for signing the SSL certificate file. @@ -453,7 +453,7 @@ def _get_ssl_pem(self, path, reg): crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey_obj)) return pkey_obj - def _get_ssl_cert(self, path, reg, pkey_obj): + def _get_ssl_cert(self, path, pkey_obj): """Load or create ssl.cert file for suite in path. Self-signed SSL certificate file. @@ -463,12 +463,12 @@ def _get_ssl_cert(self, path, reg, pkey_obj): except ImportError: # OpenSSL not installed, so we can't use HTTPS anyway. return - # Use suite name as the 'common name', but no more than 64 chars. - common_name = reg - if len(reg) > 64: - common_name = reg[:61] + "..." - # See https://github.com/kennethreitz/requests/issues/2621 + # Use suite host as the 'common name', but no more than 64 chars. host = get_suite_host() + common_name = host + if len(common_name) > 64: + common_name = common_name[:61] + "..." + # See https://github.com/kennethreitz/requests/issues/2621 ext = crypto.X509Extension( "subjectAltName", False,