[ovs-dev] [PATCH] ovs-pki: Unique subject DNs for certificate requests.

Gurucharan Shetty gshetty at nicira.com
Mon Oct 22 19:43:11 UTC 2012


Some applications expect subject DNs to be unique.

Bug #13609.
Signed-off-by: Gurucharan Shetty<gshetty at nicira.com>
---
 utilities/ovs-pki.in |    8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in
index bf40c29..cfbcdea 100755
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -429,6 +429,12 @@ make_request() {
     must_not_exist "$arg1-privkey.pem"
     must_not_exist "$arg1-req.pem"
     make_tmpdir
+    # Use uuidgen or date to create unique subject DNs.
+    if unique=`uuidgen 2>/dev/null`; then
+        :
+    else
+        unique=`date +"%Y %b %d %T"`
+    fi
     cat > "$TMP/req.cnf" <<EOF
 [ req ]
 prompt = no
@@ -440,7 +446,7 @@ ST = CA
 L = Palo Alto
 O = Open vSwitch
 OU = Open vSwitch certifier
-CN = Open vSwitch certificate for $arg1
+CN = $arg1 id:$unique
 EOF
     if test $keytype = rsa; then
         (umask 077 && openssl genrsa -out "$1-privkey.pem" $bits) 1>&3 2>&3 \
-- 
1.7.9.5




More information about the dev mailing list