NuxRo opened a new issue, #11848:
URL: https://github.com/apache/cloudstack/issues/11848
### problem
I need to add 127.0.0.1 to the certificate for $IP:9090/ and
ca.framework.cert.management.custom.san is the way to do it, but the feature
interprets the entry as a single string, such that the following value:
_cloudstack.internal, 127.0.0.1_
leads to this kind of alt name configuration:
_~# openssl s_client -connect 127.0.01:9090 </dev/null 2>/dev/null | openssl
x509 -noout -text | grep DNS:
IP Address:192.168.0.123, DNS:**cloudstack.internal,
127.0.0.1**_
Note that "cloudstack.internal, 127.0.0.1" is a single string here, so the
comma separation is not a thing as I assumed.
Replacing cloudstack.internal with 127.0.0.1 takes me one step further, in
that 127.0.0.1 is added to the alt names, but is treated as a hostname, not an
IP.
_~#openssl s_client -connect 127.0.01:9090 </dev/null 2>/dev/null | openssl
x509 -noout -text | grep DNS:
IP Address:192.168.0.123, DNS:127.0.0.1_
To further aggravate me, even _cloudstack-setup-databases -i 127.0.0.1_
produces the same results, 127.0.0.1 is treated as hostname, not IP, just like
the above.
### versions
4.21.0.0 KVM
### The steps to reproduce the bug
_No response_
### What to do about it?
_No response_
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
