Added subject alternative names into key generation tool #4114 (#4163)

2021-02-25 14:12:15 +02:00 · 2021-02-25 14:12:15 +02:00 · 0f3d1baa3f
commit 0f3d1baa3f
parent 43309d2497
2 changed files with 9 additions and 1 deletions
--- a/tools/src/main/shell/keygen.properties
+++ b/tools/src/main/shell/keygen.properties
@ -15,6 +15,7 @@
 #

 DOMAIN_SUFFIX="$(hostname)"
+SUBJECT_ALTERNATIVE_NAMES="ip:127.0.0.1"
 ORGANIZATIONAL_UNIT=Thingsboard
 ORGANIZATION=Thingsboard
 CITY=SF
--- a/tools/src/main/shell/server.keygen.sh
+++ b/tools/src/main/shell/server.keygen.sh
@ -86,6 +86,12 @@ fi

 echo "Generating SSL Key Pair..."

+EXT=""
+
+if [[ ! -z "$SUBJECT_ALTERNATIVE_NAMES" ]]; then
+  EXT="-ext san=$SUBJECT_ALTERNATIVE_NAMES "
+fi
+
 keytool -genkeypair -v \
  -alias $SERVER_KEY_ALIAS \
  -dname "CN=$DOMAIN_SUFFIX, OU=$ORGANIZATIONAL_UNIT, O=$ORGANIZATION, L=$CITY, ST=$STATE_OR_PROVINCE, C=$TWO_LETTER_COUNTRY_CODE" \
@ -94,7 +100,8 @@ keytool -genkeypair -v \
  -storepass $SERVER_KEYSTORE_PASSWORD \
  -keyalg $SERVER_KEY_ALG \
  -keysize $SERVER_KEY_SIZE \
-  -validity 9999
+  -validity 9999 \
+  $EXT

 status=$?
 if [[ $status != 0 ]]; then