diff options
| author | Ben Pfaff <blp@nicira.com> | 2010-06-29 14:58:05 -0700 |
|---|---|---|
| committer | Ben Pfaff <blp@nicira.com> | 2010-06-29 16:40:26 -0700 |
| commit | c6c9e1e36fdd9fe05e3d08a5e8fcceca13efd58a (patch) | |
| tree | 9e4e015b5755f9ac37efaefa54b2b4644d007d00 /utilities/ovs-pki.in | |
| parent | 4e312e694f1e9e34ed0aad7d5778b73d7add270d (diff) | |
ovs-pki: Allow generating certificates with duplicate subjects.
Without this setting, the certificate authorities that ovs-pki creates will
not allow two switches or two controllers to have the same name. This
causes problem in testing, since it's often convenient to test with short,
common names like "tmp".
(If you need to fix a PKI that you already created, in addition to
modifying ca.cnf you will need to make the same change to index.txt.attr.)
CC: Pierre Ettori <pettori@nicira.com>
Diffstat (limited to 'utilities/ovs-pki.in')
| -rwxr-xr-x | utilities/ovs-pki.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index ea959fdd..5c8c4bb2 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -249,6 +249,7 @@ email_in_dn = no # Don't add the email into cert DN name_opt = ca_default # Subject name display option cert_opt = ca_default # Certificate display option copy_extensions = none # Don't copy extensions from request +unique_subject = no # Allow certs with duplicate subjects # For the CA policy [ policy ] |