Skip to content

Commit

Permalink
build_self_sign(): Resrict use of --req-cn and create LOCAL SSL config
Browse files Browse the repository at this point in the history 
Signed-off-by: Richard T Bonhomme <[email protected]>
  • Loading branch information
@TinCanTech
TinCanTech committed Jun 8, 2024
1 parent c0df0fe commit 75669d2
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions easyrsa3/easyrsa
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1898,6 +1898,17 @@ Run easyrsa without commands for usage and command help."
file_name_base="$1"
shift

# Prohibit --req-cn
[ "$EASYRSA_REQ_CN" = ChangeMe ] || user_error "\
Option conflict --req-cn:
* '$cmd' does not support setting an external commonName"

# Enforce commonName
export EASYRSA_REQ_CN="$file_name_base"

# create local SSL cnf
write_easyrsa_ssl_cnf_tmp

# Refuse option as name
case "$file_name_base" in
nopass)
Expand Down

0 comments on commit 75669d2

Please sign in to comment.