Juju Charms Collection
apache2 package

Merge lp:~jjo/charms/trusty/apache2/fix-selfsigned-days-3650 into lp:charms/trusty/apache2

  1. Trusty Tahr (14.04)
  2. fix-selfsigned-days-3650
  3. Merge into trunk
Proposed by JuanJo Ciarlante
Status: Merged
Merged at revision: 61
Proposed branch: lp:~jjo/charms/trusty/apache2/fix-selfsigned-days-3650
Merge into: lp:charms/trusty/apache2
Diff against target: 24 lines (+2/-2)
2 files modified
data/openssl.cnf (+0/-1)
hooks/hooks.py (+2/-1)
To merge this branch: bzr merge lp:~jjo/charms/trusty/apache2/fix-selfsigned-days-3650
Reviewer Review Type Date Requested Status
Matt Bruzek (community) Approve
Adam Israel (community) Approve
Review Queue (community) Needs Fixing
Review via email: mp+245987@code.launchpad.net

Commit message

gen_selfsigned_cert: add -days 3650 to openssl cmdline,
as -x509 ignores it from data/openssl.cnf
fixes lp#1408831

To post a comment you must log in.
lp:~jjo/charms/trusty/apache2/fix-selfsigned-days-3650 updated
59. By JuanJo Ciarlante

gen_selfsigned_cert: add -days 3650 to openssl cmdline, as -x509 ignores it from data/openssl.cnf

Revision history for this message
JuanJo Ciarlante (jjo) wrote :

FYI tested this on a live unit: removed previous /etc/ssl/certs/apache2.cert, triggered config-changed, then got it properly generated:
root@juju-machine-30-lxc-2:~# openssl x509 -in /etc/ssl/certs/apache2.cert -dates -noout
notBefore=Jan 9 18:55:20 2015 GMT
notAfter=Jan 6 18:55:20 2025 GMT

Revision history for this message
Review Queue (review-queue) wrote :

This items has failed automated testing! Results available here http://reports.vapour.ws/charm-tests/charm-bundle-test-10906-results

review: Needs Fixing (automated testing)
lp:~jjo/charms/trusty/apache2/fix-selfsigned-days-3650 updated
60. By JuanJo Ciarlante

fix pep8

Revision history for this message
Adam Israel (aisrael) wrote :

Hi JuanJo,

I had the opportunity to review this MP today. Everything looks good to me. +1

review: Approve
Revision history for this message
Matt Bruzek (mbruzek) wrote :

The change looks legit. I ran the tests, they passed. +1 LGTM

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'data/openssl.cnf'
2--- data/openssl.cnf 2013-04-30 08:49:11 +0000
3+++ data/openssl.cnf 2015-01-29 12:22:32 +0000
4@@ -1,7 +1,6 @@
5 RANDFILE = /dev/urandom
6
7 [ req ]
8-default_days = 3650
9 default_bits = 1024
10 default_keyfile = privkey.pem
11 distinguished_name = req_distinguished_name
12
13=== modified file 'hooks/hooks.py'
14--- hooks/hooks.py 2014-11-20 00:06:41 +0000
15+++ hooks/hooks.py 2015-01-29 12:22:32 +0000
16@@ -191,7 +191,8 @@
17 os.environ['OPENSSL_PUBLIC'] = unit_get("public-address")
18 os.environ['OPENSSL_PRIVATE'] = unit_get("private-address")
19 run(
20- ['openssl', 'req', '-new', '-x509', '-nodes', '-config',
21+ ['openssl', 'req', '-new', '-x509', '-nodes',
22+ '-days', '3650', '-config',
23 os.path.join(os.environ['CHARM_DIR'], 'data', 'openssl.cnf'),
24 '-keyout', key_file, '-out', cert_file])
25

Subscribers

People subscribed via source and target branches

to all changes: