letsencrypt: FIX CN parsing to work with OpenSSL 1.1 (#25935)
As we can see in
9537453586
:
CN used to be without whitespaces around the `=` but OpenSSL 1.1 introduced
whitespaces:
1.0.1: subject=/CN=example.com
1.1.0: subject=CN = example.com
This commit makes them optional.
OpenSSL 1.1 is present on the newly-released Debian Stretch, so absence
of this fix makes us not being able to use this module on this distro.
This commit is contained in:
parent
3bd8dbb53d
commit
9474f20f2d
1 changed files with 1 additions and 1 deletions
|
@ -536,7 +536,7 @@ class ACMEClient(object):
|
|||
_, out, _ = self.module.run_command(openssl_csr_cmd, check_rc=True)
|
||||
|
||||
domains = set([])
|
||||
common_name = re.search(r"Subject:.*? CN=([^\s,;/]+)", out.decode('utf8'))
|
||||
common_name = re.search(r"Subject:.*? CN\s?=\s?([^\s,;/]+)", out.decode('utf8'))
|
||||
if common_name is not None:
|
||||
domains.add(common_name.group(1))
|
||||
subject_alt_names = re.search(r"X509v3 Subject Alternative Name: \n +([^\n]+)\n", out.decode('utf8'), re.MULTILINE | re.DOTALL)
|
||||
|
|
Loading…
Reference in a new issue