forked from solderpunk/gemcert
Use non-wildcard form of server cert domain as CN, and put both forms in SAN.
This commit is contained in:
parent
0942168b3b
commit
ab21dca280
5
main.go
5
main.go
|
@ -81,11 +81,12 @@ func main() {
|
|||
}
|
||||
|
||||
func getServerCertTemplate(domain string, notBefore time.Time, notAfter time.Time) x509.Certificate {
|
||||
wildcard := "*." + domain
|
||||
template := getCommonCertTemplate(notBefore, notAfter)
|
||||
template.Subject = pkix.Name{
|
||||
CommonName: wildcard,
|
||||
CommonName: domain,
|
||||
}
|
||||
wildcard := "*." + domain
|
||||
template.DNSNames = append(template.DNSNames, domain)
|
||||
template.DNSNames = append(template.DNSNames, wildcard)
|
||||
return template
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue