mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2026-05-05 04:16:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: add CA subject to generated certificate

Browse Source 
Self-signed certificates are missing Subject/Issuer info,
which are not present in CA. This sometimes might be causing issues
as it is invalid format.

Signed-off-by: Mateusz Urbanek <mateusz.urbanek@siderolabs.com>
This commit is contained in:
Mateusz Urbanek 2025-11-21 10:37:39 +01:00
parent 35dd612a5e
commit a89108995f
No known key found for this signature in database
GPG Key ID: F16F84591E26D77F
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/talosctl/pkg/mgmt/helpers/airgapped.go
View File

@ -13,13 +13,17 @@ import (
// GenerateSelfSignedCert generates self-signed certificate.
func GenerateSelfSignedCert(sanIPs []net.IP, sanNames []string) ([]byte, []byte, []byte, error) {
ca, err := x509.NewSelfSignedCertificateAuthority(x509.ECDSA(true))
ca, err := x509.NewSelfSignedCertificateAuthority(
x509.ECDSA(true),
x509.Organization("talos.dev"),
x509.CommonName("talos.dev Root CA"),
)
if err != nil {
return nil, nil, nil, err
}
serverIdentity, err := x509.NewKeyPair(ca,
x509.Organization("test"),
x509.Organization("talos.dev"),
x509.CommonName("server"),
x509.IPAddresses(sanIPs),
x509.DNSNames(sanNames),