Package: ssl-cert
Version: 1.0.28
The 'make-ssl-cert' command fails on hosts with longer than
64-characters as the FQDN.
https://bugs.launchpad.net/ubuntu/+source/ssl-cert/+bug/1004682
ben@utlemming-22a:~$ hostname -f
utlemming-22a.139cd93ba280479588e4157eac561a0b.utlemming-22a.525551751.uswest.internal.utlemmings-excellent-cloud.com
ben@utlemming-22a:~$ sudo make-ssl-cert generate-default-snakeoil
Could not create certificate. Openssl output was:
Generating a 2048 bit RSA private key
...+++
.+++
writing new private key to '/etc/ssl/private/ssl-cert-snakeoil.key'
-
problems making Certificate Request
139776384734880:error:0D07A097:asn1 encoding
routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=64
The following is a patch submission that defaults to the short name if
the FQDN is too long:
=== modified file 'make-ssl-cert'
--- make-ssl-cert2009-11-01 12:14:55 +
+++ make-ssl-cert2012-05-25 20:23:05 +
@@ -30,9 +30,9 @@
}
make_snakeoil() {
-if ! HostName=$(hostname -f) ; then
+if ! { HostName=$(hostname -f) [ ${#HostName} -lt 64 ]; }; then
HostName=$(hostname)
-echo make-ssl-cert: Could not get FQDN, using \$HostName\.
+echo make-ssl-cert: Could not get or use FQDN, using \$HostName\.
echo make-ssl-cert: You may want to fix your /etc/hosts and/or
DNS setup and run
echo make-ssl-cert: 'make-ssl-cert generate-default-snakeoil
--force-overwrite'
echo make-ssl-cert: again.
--
Ben Howard
ben.how...@ubuntu.com
Canonical
GPG ID 0x5406A866