From 0678c2d8107dbb5eaa7c4c7dbb97c9db3064b69a Mon Sep 17 00:00:00 2001
From: Seth Vidal <skvidal@fedoraproject.org>
Date: Fri, 28 Sep 2007 13:01:36 -0400
Subject: make sure we have the fqdn of the certmaster in the CN of the
 certificate authority key

---
 func/certmaster.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/func/certmaster.py b/func/certmaster.py
index 0c1f333..bcff926 100755
--- a/func/certmaster.py
+++ b/func/certmaster.py
@@ -24,6 +24,7 @@ import os.path
 from OpenSSL import crypto
 import sha
 import glob
+import socket
 
 #from func.server import codes
 import certs
@@ -35,13 +36,14 @@ from commonconfig import CMConfig
 class CertMaster(object):
     def __init__(self, conf_file):
         self.cfg = read_config(conf_file, CMConfig)
+        mycn = '%s-CA-KEY' % socket.getfqdn()
         self.ca_key_file = '%s/funcmaster.key' % self.cfg.cadir
         self.ca_cert_file = '%s/funcmaster.crt' % self.cfg.cadir
         try:
             if not os.path.exists(self.cfg.cadir):
                 os.makedirs(self.cfg.cadir)
             if not os.path.exists(self.ca_key_file) and not os.path.exists(self.ca_cert_file):
-                certs.create_ca(ca_key_file=self.ca_key_file, ca_cert_file=self.ca_cert_file)
+                certs.create_ca(CN=mycn, ca_key_file=self.ca_key_file, ca_cert_file=self.ca_cert_file)
         except (IOError, OSError), e:
             print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e
             sys.exit(1)
-- 
cgit