Package: ssl-cert
Version: 1.0.28
The 'make-ssl-cert' command fails on hosts with longer than
64-characters as the FQDN.
https://bugs.launchpad.net/ubuntu/+source/ssl-cert/+bug/1004682
ben@utlemming-22a:~$ hostname -f
utlemming-22a.139cd93ba280479588e4157eac561a0b.utlemming-22a.525551751.uswest.internal.utlemmings-excellent-cloud.com
ben@utlemming-22a:~$ sudo make-ssl-cert generate-default-snakeoil
Could not create certificate. Openssl output was:
Generating a 2048 bit RSA private key
.......................+++
.................................................+++
writing new private key to '/etc/ssl/private/ssl-cert-snakeoil.key'
-----
problems making Certificate Request
139776384734880:error:0D07A097:asn1 encoding
routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=64
The following is a patch submission that defaults to the short name if
the FQDN is too long:
=== modified file 'make-ssl-cert'
--- make-ssl-cert 2009-11-01 12:14:55 +0000
+++ make-ssl-cert 2012-05-25 20:23:05 +0000
@@ -30,9 +30,9 @@
}
make_snakeoil() {
- if ! HostName="$(hostname -f)" ; then
+ if ! { HostName="$(hostname -f)" && [ ${#HostName} -lt 64 ]; }; then
HostName="$(hostname)"
- echo make-ssl-cert: Could not get FQDN, using \"$HostName\".
+ echo make-ssl-cert: Could not get or use FQDN, using \"$HostName\".
echo make-ssl-cert: You may want to fix your /etc/hosts and/or
DNS setup and run
echo make-ssl-cert: 'make-ssl-cert generate-default-snakeoil
--force-overwrite'
echo make-ssl-cert: again.
--
Ben Howard
[email protected]
Canonical
GPG ID 0x5406A866
