From 91dcd0f82afb133e74ea9e852e472205a5fa50f4 Mon Sep 17 00:00:00 2001 From: Alessio Treglia Date: Fri, 2 Nov 2018 08:17:57 +0000 Subject: [PATCH 1/2] Include DNS alt name in certificate Closes: #2664 --- client/lcd/certificates.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/lcd/certificates.go b/client/lcd/certificates.go index f47f2397c7..0ec527e134 100644 --- a/client/lcd/certificates.go +++ b/client/lcd/certificates.go @@ -38,12 +38,13 @@ func generateSelfSignedCert(host string) (certBytes []byte, priv *ecdsa.PrivateK Subject: pkix.Name{ Organization: []string{"Gaia Lite"}, }, + DNSNames: []string{"localhost"}, NotBefore: notBefore, NotAfter: notAfter, KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, BasicConstraintsValid: true, - IsCA: true, + IsCA: true, } hosts := strings.Split(host, ",") for _, h := range hosts { From a0a6bad4c03a572b905b4bd310874250b51df48b Mon Sep 17 00:00:00 2001 From: Alessio Treglia Date: Fri, 2 Nov 2018 13:37:23 +0000 Subject: [PATCH 2/2] Fix test --- client/lcd/certificates_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/lcd/certificates_test.go b/client/lcd/certificates_test.go index 14bddfa0f8..3f48c194c2 100644 --- a/client/lcd/certificates_test.go +++ b/client/lcd/certificates_test.go @@ -17,7 +17,7 @@ func TestGenerateSelfSignedCert(t *testing.T) { cert, err := x509.ParseCertificate(certBytes) require.Nil(t, err) require.Equal(t, 2, len(cert.IPAddresses)) - require.Equal(t, 1, len(cert.DNSNames)) + require.Equal(t, 2, len(cert.DNSNames)) require.True(t, cert.IsCA) }