>From e89bde4bdb7a1365531070c2578f2593b03367cf Mon Sep 17 00:00:00 2001
From: Daniel Lowe <[email protected]>
Date: Wed, 25 Aug 2010 13:57:28 -0400
Subject: [PATCH] CA is no longer modified when signing minion certs
---
certmaster/certs.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/certmaster/certs.py b/certmaster/certs.py
index 9367fed..b59a972 100644
--- a/certmaster/certs.py
+++ b/certmaster/certs.py
@@ -144,7 +144,7 @@ def create_slave_certificate(csr, cakey, cacert, cadir,
slave_cert_file=None):
cert.set_version(2)
xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
# FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions,
too)
- cacert.add_extensions((xt,))
+ cert.add_extensions((xt,))
cert.sign(cakey, 'sha1')
if slave_cert_file:
destfo = open(slave_cert_file, 'w')
--
1.5.6.5
_______________________________________________
Func-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/func-list
