Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Remove client sans #40
Conversation
mbruzek
added some commits
May 23, 2016
|
Fixes #39 |
|
I built the tls layer into the etcd charm and looked at the client certificate, it no longer has the SANs of the leader. http://paste.ubuntu.com/18705474/ |
chuckbutler
reviewed
Jul 7, 2016
| - create_certificates() | ||
| + hookenv.log('Leader is creating the server certificate.') | ||
| + # Remove the path characters from the unit name tls/0 -> tls_0. | ||
| + path_safe_name = hookenv.local_unit().replace('/', '_') |
|
+1 LGTM. one question left inline, but it shouldn't hold anything up |
chuckbutler
merged commit ae9692c
into
master
Jul 7, 2016
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
mbruzek commentedJul 7, 2016
A user of the tls layer had questions about how it was generated. I saw that we are adding Subject Alternate Names to the client certificate when that does not need to be the case.
This PR re-works the client cert/key generation to not include SANs from the leader.