ソースを参照

Remove unnecessary defaults from openvpn certificate

Allen Riddell 8年前
コミット
c1511c057f
3個のファイルの変更1行の追加11行の削除
  1. 0
    5
      group_vars/sovereign
  2. 1
    1
      roles/vpn/tasks/openvpn.yml
  3. 0
    5
      roles/vpn/templates/openssl-server-certificate.cnf.j2

+ 0
- 5
group_vars/sovereign ファイルの表示

@@ -51,11 +51,6 @@ prosody_accounts:
51 51
     password: TODO
52 52
 
53 53
 # openvpn
54
-openvpn_key_country:  "US"
55
-openvpn_key_province: "California"
56
-openvpn_key_city: "Beverly Hills"
57
-openvpn_key_org: "ACME CORPORATION"
58
-openvpn_key_ou: "Anvil Department"
59 54
 openvpn_clients:
60 55
   - laptop
61 56
   - phone

+ 1
- 1
roles/vpn/tasks/openvpn.yml ファイルの表示

@@ -38,7 +38,7 @@
38 38
         mode=0600
39 39
 
40 40
 - name: Generate CA certificate
41
-  command: openssl req -nodes -batch -new -x509 -key {{ openvpn_ca }}.key -out {{ openvpn_ca }}.crt -days {{ openvpn_days_valid }} -subj "{{ openssl_request_subject }}/CN=ca-certificate"
41
+  command: openssl req -nodes -batch -new -x509 -key {{ openvpn_ca }}.key -out {{ openvpn_ca }}.crt -days {{ openvpn_days_valid }} -subj "{{ openssl_request_subject }}/CN=sovereign-ca-certificate"
42 42
            creates={{ openvpn_ca }}.crt
43 43
 
44 44
 - name: Generate the OpenSSL configuration that will be used for the Server certificate's req and ca commands

+ 0
- 5
roles/vpn/templates/openssl-server-certificate.cnf.j2 ファイルの表示

@@ -39,19 +39,14 @@ distinguished_name = req_distinguished_name
39 39
 
40 40
 [ req_distinguished_name ]
41 41
 countryName = Country Name (2 letter code)
42
-countryName_default = {{ openvpn_key_country }}
43 42
 
44 43
 stateOrProvinceName = State or Province Name (full name)
45
-stateOrProvinceName_default = {{ openvpn_key_province }}
46 44
 
47 45
 localityName = Locality Name (eg, city)
48
-localityName_default = {{ openvpn_key_city }}
49 46
 
50 47
 0.organizationName = Organization Name (eg, company)
51
-0.organizationName_default = {{ openvpn_key_org }}
52 48
 
53 49
 organizationalUnitName = Organizational Unit Name (eg, section)
54
-organizationalUnitName_default = {{ openvpn_key_ou }}
55 50
 
56 51
 commonName = Common Name (eg, your name or your server\'s hostname)
57 52
 commonName_default = server

読み込み中…
キャンセル
保存