Skip to content

Commit f7270c4

Browse files
Kushal-debKushal-deb
committed
mgr/cephadm: include cluster FSID in root CA Common Name (CN)
Signed-off-by: Kushal Deb <[email protected]>
1 parent 24bc646 commit f7270c4

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

src/pybind/mgr/cephadm/ssl_cert_utils.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -137,7 +137,7 @@ def generate_root_cert(
137137
root_public_key = self.root_key.public_key()
138138
root_builder = x509.CertificateBuilder()
139139
root_ca_name = x509.Name([
140-
x509.NameAttribute(NameOID.COMMON_NAME, u'cephadm-root'),
140+
x509.NameAttribute(NameOID.COMMON_NAME, f'cephadm-root-{self.cluster_fsid}'),
141141
])
142142
root_builder = root_builder.subject_name(root_ca_name)
143143
root_builder = root_builder.issuer_name(root_ca_name)
@@ -198,7 +198,7 @@ def generate_cert(
198198

199199
builder = x509.CertificateBuilder()
200200
root_ca_name = x509.Name([
201-
x509.NameAttribute(NameOID.COMMON_NAME, u'cephadm-root'),
201+
x509.NameAttribute(NameOID.COMMON_NAME, f'cephadm-root-{self.cluster_fsid}'),
202202
])
203203
builder = builder.subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, addrs[0]), ]))
204204
builder = builder.issuer_name(root_ca_name)

0 commit comments

Comments
 (0)