save returned certs/keys

Matthew R. Kasun 2022-04-15 16:07:19 -04:00
parent 08e219cdcc
commit 4f19beda00
2 changed files with 5 additions and 2 deletions


@ -196,6 +196,9 @@ func register(w http.ResponseWriter, r *http.Request) {
// return
// }
tls.SaveCert("/tmp/sent/", "root.pem", ca)
tls.SaveCert("/tmp/sent/", "client.pem", cert)
tls.SaveKey("/tmp/sent/", "client.key", *key)
response := config.RegisterResponse{
Key: *key,
CA: *ca,
@ -240,7 +243,7 @@ func genCerts(csr *x509.CertificateRequest, publickey ed25519.PublicKey) (*x509.
func genOpenSSLCerts() (*ed25519.PrivateKey, *x509.Certificate, *x509.Certificate, error) {
cmd1 := "openssl genpkey -algorithm Ed25519 -out /tmp/client.key"
cmd2 := "openssl req -new -out /tmp/client.csr -key tmp/client.key -subj '/CN=client'"
cmd2 := "openssl req -new -out /tmp/client.csr -key /tmp/client.key -subj /CN=client"
cmd3 := "openssl x509 -req -in /tmp/client.csr -days 365 -CA /etc/netmaker/root.pem -CAkey /etc/netmaker/root.key -CAcreateserial -out /tmp/client.pem"
if _, err := ncutils.RunCmd(cmd1, true); err != nil {
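Review bot: The three added calls in register write the CA, the client certificate and the client's private key to a fixed location under /tmp (`tls.SaveKey("/tmp/sent/", "client.key", *key)`), and whatever these helpers return is discarded. /tmp is shared between local users and the filenames are fixed, so each registration overwrites the previous one and the key material outlives the request. If this is debugging output, it should be removed or put behind an explicit debug option before merge; if the files are needed, they belong in a directory owned by the service with restrictive permissions, with the results checked. The same fixed-path concern applies to `/tmp/client.key`, `/tmp/client.csr` and `/tmp/client.pem` in genOpenSSLCerts in the second hunk, where concurrent calls would share the same files. Both function bodies continue outside the hunks shown.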


@ -308,7 +308,7 @@ func NewTLSConfig(cfg *config.ClientConfig, server string) *tls.Config {
logger.Log(0, "VerifyConnection - certifiate mismatch")
return errors.New("certificate doesn't match server")
}
ca, err := ssl.ReadCert("/etc/netclient/" + cs.ServerName + "/server.pem")
ca, err := ssl.ReadCert("/etc/netclient/" + cs.ServerName + "/root.pem")
if err != nil {
logger.Log(0, "VerifyConnection - unable to read ca", err.Error())
return errors.New("unable to read ca")
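Review bot: The CA path is built by string concatenation with `cs.ServerName`, so a name containing a path separator or `..` would resolve outside `/etc/netclient/`. On the client side this value presumably comes from local configuration, but it is cheap to reject such names before the read and to build the path with `filepath.Join("/etc/netclient", cs.ServerName, "root.pem")`. Clients provisioned before this change may have only `server.pem` on disk, in which case the callback would now fail with "unable to read ca"; that is worth confirming or covering with a migration step. The log string on the first context line also misspells "certificate". The enclosing callback starts and ends outside the hunk.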