Commit a929568b authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼 Committed by Matevz Golob

certificate_authority: unique_subject = no

"openssl ca" is keeping track of all generated certificates in its DB.
If we try to regenerate a certificate that was already generated,
openssl ca fails with :

ERROR:There is already a certificate for /C=XX/ST=(State,)/O=Company/CN=ca-shellinabox/emailAddress=xx@example.com

Changing "unique_subject" to no removes this ERROR.

/reviewed-on nexedi/slapos!556
parent f26a3316
......@@ -43,7 +43,7 @@ dir = %(working_directory)s # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment