Commit ce4f93e6 authored by Nigel Kukard's avatar Nigel Kukard

Properly set the primary domain used when applying for the cert

parent 49718fc5
...@@ -218,18 +218,17 @@ sub webserverCheckNginx ...@@ -218,18 +218,17 @@ sub webserverCheckNginx
$self->logger("INFO","NGINX: Processing vhost '%s'",$vhostName); $self->logger("INFO","NGINX: Processing vhost '%s'",$vhostName);
# Open config file # Open config file
if (open(my $FH,'<',$vhost->{'config'})) { if (open(my $FH,'<',$vhost->{'config'})) {
$vhost->{'config_content'} = "";
# Read in each line # Read in each line
my @serverNames = ();
while (my $line = <$FH>) { while (my $line = <$FH>) {
$vhost->{'config_content'} .= $line; # Regex out the server name
} if ($line =~ /^\s*server_name\s+(\S+);/) {
close($FH); my $serverName = $1;
$vhost->{'server_names'}->{$serverName} = 1;
}
# Parse the file...
my @serverNames = $vhost->{'config_content'} =~ m/server_name\s+(\S+);/g;
foreach my $serverName (@serverNames) {
$vhost->{'server_names'}->{$serverName} = 1;
} }
close($FH);
} else { } else {
$self->logger("ERROR","NGINX: - Failed to open config file '%s', SKIPPING this vhost",$vhost->{'config'}); $self->logger("ERROR","NGINX: - Failed to open config file '%s', SKIPPING this vhost",$vhost->{'config'});
...@@ -384,7 +383,7 @@ SKIP: ...@@ -384,7 +383,7 @@ SKIP:
} }
# Retrieve certificate # Retrieve certificate
my $certs = $self->certificateRetrieve(); my $certs = $self->certificateRetrieve($vhostName);
$self->logger("INFO","WEBSERVER: Writing certificates"); $self->logger("INFO","WEBSERVER: Writing certificates");
...@@ -881,7 +880,7 @@ sub domainVerify ...@@ -881,7 +880,7 @@ sub domainVerify
# Retrieve certificate # Retrieve certificate
sub certificateRetrieve sub certificateRetrieve
{ {
my $self = shift; my ($self,$primaryDomain) = @_;
# Check that we're ready # Check that we're ready
...@@ -895,6 +894,9 @@ sub certificateRetrieve ...@@ -895,6 +894,9 @@ sub certificateRetrieve
# Grab domain list # Grab domain list
my @domainList = @{$self->{'domains_verified'}}; my @domainList = @{$self->{'domains_verified'}};
# use the first domain as the primary if its not specified
$primaryDomain //= $domainList[0];
$self->logger("INFO","LE: - Creating key"); $self->logger("INFO","LE: - Creating key");
# Create certificate key # Create certificate key
...@@ -915,10 +917,10 @@ sub certificateRetrieve ...@@ -915,10 +917,10 @@ sub certificateRetrieve
# Create CSR # Create CSR
my $csr = Crypt::OpenSSL::PKCS10->new_from_rsa($rsa); my $csr = Crypt::OpenSSL::PKCS10->new_from_rsa($rsa);
$self->logger("INFO","LE: - Adding CN '%s'",$domainList[0]); $self->logger("INFO","LE: - Adding CN '%s'",$primaryDomain);
# Add the CN # Add the CN
$csr->set_subject(sprintf('/CN=%s',$domainList[0])); $csr->set_subject(sprintf('/CN=%s',$primaryDomain));
# Add alternate names # Add alternate names
if (@domainList > 1) { if (@domainList > 1) {
...@@ -1517,7 +1519,7 @@ use Getopt::Long; ...@@ -1517,7 +1519,7 @@ use Getopt::Long;
my $NAME = "AWIT-CertMaster"; my $NAME = "AWIT-CertMaster";
our $VERSION = "1.0.2"; our $VERSION = "1.0.3";
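Review bot: In certificateRetrieve, the new `$primaryDomain` argument becomes the CSR subject CN without any check that it is one of the entries in `$self->{'domains_verified'}`; the caller in the SKIP hunk passes `$vhostName`, and nothing visible guarantees that a vhost name is a validated domain. A CN outside the verified list puts a name in the CSR that was never validated, so the request would most likely be refused by the CA late in the run rather than failing early with a clear message. After the `//=` default I would add a membership guard such as `if (!grep { $_ eq $primaryDomain } @domainList) { $self->logger("ERROR","LE: - Primary domain '%s' is not in the verified domain list",$primaryDomain); return; }`, with the return value matched to the function's existing error convention. The alternate-names block under `if (@domainList > 1)` continues outside the hunk, so confirm it still includes `$domainList[0]` when the primary is a different entry.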