Merge "Add subjectAltName back to CSR config"

This commit is contained in:
Jenkins 2016-04-13 09:25:36 +00:00 committed by Gerrit Code Review
commit 39e8e1f054
3 changed files with 7 additions and 22 deletions

View File

@ -82,10 +82,7 @@ CN = kubernetes.invalid
[req_ext]
keyUsage=critical,digitalSignature,keyEncipherment
extendedKeyUsage=clientAuth
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6 address
#subjectAltName=dirName:kubelet,dirName:kubeproxy
subjectAltName=dirName:kubelet,dirName:kubeproxy
[kubelet]
CN=kubelet
[kubeproxy]

View File

@ -87,10 +87,7 @@ prompt = no
[req_distinguished_name]
CN = kubernetes.invalid
[req_ext]
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6 address
#subjectAltName = ${sans}
subjectAltName = ${sans}
extendedKeyUsage = clientAuth,serverAuth
EOF

View File

@ -40,11 +40,7 @@ copy_extensions = copyall
[req_distinguished_name]
CN = swarm.invalid
[req_ext]
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or IPv6
# address
#subjectAltName = %(subject_alt_names)s
subjectAltName = %(subject_alt_names)s
extendedKeyUsage = clientAuth,serverAuth
"""
@ -103,15 +99,10 @@ def write_server_key():
def _write_csr_config(config):
with open(SERVER_CONF_PATH, 'w') as fp:
# TODO(hongbin): This is a temporary work-around for a gate breakage.
# Need to investigate the issue and revert this temporary fix.
# Bug #1568212 - '\xac\x18\x05\x07' does not appear to be an IPv4 or
# IPv6 address
# params = {
# 'subject_alt_names': _build_subject_alt_names(config)
# }
# fp.write(CSR_CONFIG_TEMPLATE % params)
fp.write(CSR_CONFIG_TEMPLATE)
params = {
'subject_alt_names': _build_subject_alt_names(config)
}
fp.write(CSR_CONFIG_TEMPLATE % params)
def create_server_csr(config):