Add Subject Alternative Names to self-siged certificate #30

kelke · 2024-03-19T14:27:14Z

When using the self-signed certificate generated by openssl for nginx, only the Common Name is used for validating requests.
This behaviour is deprecated and will be removed from certain libraries in the future:
Feature: Remove support for common names in certificates
Remove support for common names in certificates; only support Subject Alt Names

I have noticed this while using the REST API with the python requests library, which generated the following warning for each request:

This commit does not delete existing certificates, only adds the SAN extension to newly generated ones.
I included:

Tested on debian 12 using the latest docker engine by docker.com

ostefano · 2024-03-21T08:30:17Z

Thank you for the PR. Will merge it before the next version of MISP is released 👍

kelke · 2024-03-26T08:54:55Z

I did not realize i changed the permissions, sorry about that!

ostefano · 2024-03-26T08:58:13Z

@kelke Yep, noticed, and fixed it, no worries.

add subject alternative names to self-siged certificate

3268ed9

ostefano added the enhancement New feature or request label Mar 21, 2024

ostefano self-assigned this Mar 21, 2024

ostefano approved these changes Mar 24, 2024

View reviewed changes

ostefano merged commit 92c2219 into MISP:master Mar 24, 2024
1 check passed

kelke deleted the x509-subject-alt-names branch March 26, 2024 08:55

Provide feedback