summaryrefslogtreecommitdiffstats
path: root/lib/puppet/sslcertificates.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/puppet/sslcertificates.rb')
-rwxr-xr-xlib/puppet/sslcertificates.rb11
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/puppet/sslcertificates.rb b/lib/puppet/sslcertificates.rb
index e9d544125..bd0ce8c92 100755
--- a/lib/puppet/sslcertificates.rb
+++ b/lib/puppet/sslcertificates.rb
@@ -61,7 +61,16 @@ module Puppet::SSLCertificates
key_usage = %w{cRLSign keyCertSign}
when :server:
basic_constraint = "CA:FALSE"
- hash[:dnsnames].split(':').each { |d| subject_alt_name << 'DNS:' + d } if hash[:dnsnames]
+ dnsnames = Puppet[:certdnsnames]
+ name = hash[:name].to_s.sub(%r{/CN=},'')
+ if dnsnames != ""
+ dnsnames.split(':').each { |d| subject_alt_name << 'DNS:' + d }
+ subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+ elsif name == Facter.value(:fqdn) # we're a CA server, and thus probably the server
+ subject_alt_name << 'DNS:' + "puppet" # Add 'puppet' as an alias
+ subject_alt_name << 'DNS:' + name # Add the fqdn as an alias
+ subject_alt_name << 'DNS:' + name.sub(/^[^.]+./, "puppet.") # add puppet.domain as an alias
+ end
key_usage = %w{digitalSignature keyEncipherment}
ext_key_usage = %w{serverAuth clientAuth}
when :ocsp:
generated by cgit (git 2.34.1) at 2024-10-01 05:32:00 +0000