Generate new ca_email for ssl cert issuer for each software instance.

This is okay for kvm case, where only one cert is requested only once.

Generate new ca_email for ssl cert issuer for each software instance.
This is okay for kvm case, where only one cert is requested only once.
bfb4669a · Cédric de Saint Martin · 6add7c95 · bfb4669a
Commit bfb4669a authored Nov 23, 2011 by Cédric de Saint Martin
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

slapos/recipe/kvm/__init__.py slapos/recipe/kvm/__init__.py +3 -1

No files found.
--- a/slapos/recipe/kvm/__init__.py
+++ b/slapos/recipe/kvm/__init__.py
@@ -54,7 +54,9 @@ class Recipe(BaseSlapRecipe):
    self.requirements, self.ws           = self.egg.working_set()
    self.cron_d                          = self.installCrond()

-    self.ca_conf                         = self.installCertificateAuthority()
+    ca_email = binascii.hexlify(os.urandom(10))
+    self.ca_conf                         = self.installCertificateAuthority(
+                                               ca_email = ca_email)
    self.key_path, self.certificate_path = self.requestCertificate('noVNC')

    # Install the socket_connection_attempt script