Martchus
/
syncthing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

lib/tlsutil: Add O and OU to generated certificates (fixes #7108) (#7109)

This commit is contained in:
Jakob Borg 2020-11-09 17:02:56 +01:00 committed by GitHub
parent 31559e908b
commit 846b265430
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/tlsutil/tlsutil.go
View File

@ -99,12 +99,15 @@ func NewCertificate(certFile, keyFile, commonName string, lifetimeDays int) (tls
notBefore := time.Now().Truncate(24 * time.Hour)
notAfter := notBefore.Add(time.Duration(lifetimeDays*24) * time.Hour)
// NOTE: update checkExpiry() appropriately if you add or change attributes
// in here, especially DNSNames or IPAddresses.
// NOTE: update lib/api.shouldRegenerateCertificate() appropriately if
// you add or change attributes in here, especially DNSNames or
// IPAddresses.
template := x509.Certificate{
SerialNumber: new(big.Int).SetUint64(rand.Uint64()),
Subject: pkix.Name{
CommonName: commonName,
CommonName: commonName,
Organization: []string{"Syncthing"},
OrganizationalUnit: []string{"Automatically Generated"},
},
DNSNames: []string{commonName},
NotBefore: notBefore,