CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add masterhostname & masterip to fleet.crt as SAN

Browse Source
This commit is contained in:
Josh Brower
2019-03-26 20:26:57 -04:00
committed by GitHub
parent 5d2097cf77
commit 9df8ccac7b
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/ssl/init.sls
View File

@@ -1,4 +1,5 @@
{% set master = salt['grains.get']('master') %} {% set master = salt['grains.get']('master') %}
{%- set masterip = salt['pillar.get']('static:masterip', '') -%}
# Trust the CA # Trust the CA
@@ -109,6 +110,7 @@ fbcrtlink:
x509.certificate_managed: x509.certificate_managed:
- signing_private_key: /etc/pki/fleet.key - signing_private_key: /etc/pki/fleet.key
- CN: {{ master }} - CN: {{ master }}
- subjectAltName: DNS:{{ master }},IP:{{ masterip }}
- days_remaining: 0 - days_remaining: 0
- days_valid: 3650 - days_valid: 3650
- backup: True - backup: True