[PATCH] CA is no longer modified when signing minion certs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

---
 certmaster/certs.py |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/certmaster/certs.py b/certmaster/certs.py
index 9367fed..b59a972 100644
--- a/certmaster/certs.py
+++ b/certmaster/certs.py
@@ -144,7 +144,7 @@ def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
     cert.set_version(2)
     xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
     # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)    
-    cacert.add_extensions((xt,))
+    cert.add_extensions((xt,))
     cert.sign(cakey, 'sha1')
     if slave_cert_file:
         destfo = open(slave_cert_file, 'w')
-- 
1.5.6.5

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux