From 68b980d6892ca9967d71b93e1e86f950367021dd Mon Sep 17 00:00:00 2001
From: Ahmet DEMIR
Date: Thu, 13 Jan 2022 20:30:54 +0100
Subject: [PATCH] feat(authority): avoid hardcoded cn in authority csr
---
 authority/config/config.go | 4 ++++
 authority/tls.go | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/authority/config/config.go b/authority/config/config.go
index 75c32994..4e7a7b25 100644
--- a/authority/config/config.go
+++ b/authority/config/config.go
@@ -64,6 +64,7 @@ type Config struct {
 TLS *TLSOptions `json:"tls,omitempty"`
 Password string `json:"password,omitempty"`
 Templates *templates.Templates `json:"templates,omitempty"`
+ CommonName string `json:"commonName,omitempty"`
 }

 // ASN1DN contains ASN1.DN attributes that are used in Subject and Issuer
@@ -169,6 +170,9 @@ func (c *Config) Init() {
 if c.AuthorityConfig == nil {
 c.AuthorityConfig = &AuthConfig{}
 }
+ if c.CommonName == "" {
+ c.CommonName = "Step Online CA"
+ }
 c.AuthorityConfig.init()
 }

diff --git a/authority/tls.go b/authority/tls.go
index cc049655..f6cd34c3 100644
--- a/authority/tls.go
+++ b/authority/tls.go
@@ -509,7 +509,7 @@ func (a *Authority) GetTLSCertificate() (*tls.Certificate, error) {
 }

 // Create initial certificate request.
- cr, err := x509util.CreateCertificateRequest("Step Online CA", a.config.DNSNames, signer)
+ cr, err := x509util.CreateCertificateRequest(a.config.CommonName, a.config.DNSNames, signer)
 if err != nil {
 return fatal(err)
 }
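Review bot: The new `CommonName` field in the `Config` struct hunk has no doc comment, and the name alone does not say which certificate it affects. Judging by the `authority/tls.go` hunk, it is the subject common name of the CSR built in `GetTLSCertificate`, which appears to be the CA server's own TLS certificate rather than a root or intermediate subject. I would add `// CommonName is the subject CN of the CSR for the CA's own TLS certificate; it defaults to "Step Online CA".` above the field. The struct starts outside the hunk.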
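Review bot: `Init` replaces only the exact empty string, so a whitespace-only or over-long `commonName` from the JSON config flows unchanged into the certificate subject. RFC 5280 bounds commonName at 64 characters (ub-common-name), so a bad value is better rejected at config load than discovered in an issued certificate. Because `Init` returns nothing, the length check belongs wherever the config is validated, which is not visible in this hunk; here the guard could at least be `if strings.TrimSpace(c.CommonName) == "" {`, provided `strings` is imported in this file. The literal `"Step Online CA"` is also worth a named constant so the default is defined in one place.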
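Review bot: The call in `GetTLSCertificate` now depends on `Config.Init` having run. A `Config` assembled in code or in tests without `Init` would produce a CSR with an empty common name, where the old code always passed the fixed string; whether such callers exist is not visible from this hunk. A fallback at the use site removes the ordering dependency: `cn := a.config.CommonName` followed by `if cn == "" { cn = "Step Online CA" }`, then pass `cn` to `CreateCertificateRequest`. The function body starts and ends outside the hunk.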