From ef6f121491d0ad3513644c7f5716253be22c9878 Mon Sep 17 00:00:00 2001 From: Joshua Tauberer Date: Sun, 28 Jan 2018 08:41:31 -0500 Subject: [PATCH] when generating a CSR in the control panel, don't set empty attributes Same as in a52c56e57178d38d9b1d6d2528aae5ac3d712d2c. Fixes #1338. --- CHANGELOG.md | 7 +++++++ management/ssl_certificates.py | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9d0e757..9aaa838 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,13 @@ CHANGELOG ========= +In Development +-------------- + +Control Panel: + +* Installing your own TLS/SSL certificate had been broken since v0.24 because the new version of openssl became stricter about CSR generation parameters. + v0.26b (January 25, 2018) ------------------------- diff --git a/management/ssl_certificates.py b/management/ssl_certificates.py index 19d02de..c6b5080 100755 --- a/management/ssl_certificates.py +++ b/management/ssl_certificates.py @@ -556,7 +556,7 @@ def create_csr(domain, ssl_key, country_code, env): "openssl", "req", "-new", "-key", ssl_key, "-sha256", - "-subj", "/C=%s/ST=/L=/O=/CN=%s" % (country_code, domain)]) + "-subj", "/C=%s/CN=%s" % (country_code, domain)]) def install_cert(domain, ssl_cert, ssl_chain, env, raw=False): # Write the combined cert+chain to a temporary path and validate that it is OK.