fixup! fixup! Fixes #17332: At relay install time, if the domain is n…

…ot defined the server certificate can not be issued Fixes #17332: At relay install time, if the domain is not defined the server certificate can not be issued
Normation · May 5, 2020 · 400e803 · 400e803
1 parent 73c5699
commit 400e803
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/relay/sources/rudder-server-relay-postinst b/relay/sources/rudder-server-relay-postinst
@@ -74,8 +74,8 @@ done
 # Generate certificates if needed
 if [ ! -f /opt/rudder/etc/ssl/rudder.crt ] || [ ! -f /opt/rudder/etc/ssl/rudder.key ]; then
   echo -n "INFO: No usable SSL certificate detected for Rudder relay HTTPS support, generating one automatically..."
-  MACHINE_NAME=$(hostname --fqdn 2>/dev/null || hostname)
-  SUBJALTNAME=DNS:$MACHINE_NAME openssl req -new -x509 -newkey rsa:2048 -subj "/C=FR/ST=France/L=Paris/CN=${MACHINE_NAME}/emailAddress=root@${MACHINE_NAME}/" -keyout /opt/rudder/etc/ssl/rudder.key -out /opt/rudder/etc/ssl/rudder.crt -days 1460 -nodes -sha256 -config /opt/rudder/etc/ssl/openssl.cnf -extensions server_cert >/dev/null
+  MACHINE_NAME=$(hostname --fqdn) || MACHINE_NAME=$(hostname)
+  SUBJALTNAME=DNS:${MACHINE_NAME} openssl req -new -x509 -newkey rsa:2048 -subj "/C=FR/ST=France/L=Paris/CN=${MACHINE_NAME}/emailAddress=root@${MACHINE_NAME}/" -keyout /opt/rudder/etc/ssl/rudder.key -out /opt/rudder/etc/ssl/rudder.crt -days 1460 -nodes -sha256 -config /opt/rudder/etc/ssl/openssl.cnf -extensions server_cert >/dev/null
   chgrp ${APACHE_GROUP} /opt/rudder/etc/ssl/rudder.key && chmod 640 /opt/rudder/etc/ssl/rudder.key
   echo " Done"
 fi