Commit 0167d32f authored by Thomas Gambier's avatar Thomas Gambier 🚴🏼

certificate_authority: unique_subject = no

"openssl ca" is keeping track of all generated certificates in its DB.
If we try to regenerate a certificate that was already generated,
openssl ca fails with :

ERROR:There is already a certificate for /C=XX/ST=(State,)/O=Company/CN=ca-shellinabox/emailAddress=xx@example.com

Changing "unique_subject" to no removes thie ERROR.
parent 3ccb59f3
...@@ -43,7 +43,7 @@ dir = %(working_directory)s # Where everything is kept ...@@ -43,7 +43,7 @@ dir = %(working_directory)s # Where everything is kept
certs = $dir/certs # Where the issued certs are kept certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file. database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject. # several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs. new_certs_dir = $dir/newcerts # default place for new certs.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment