Code Review / AGL / meta-agl-demo.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: ff1776b) | patch
kuksa-val: add regenerated server certificate 58/27758/2 13.91.0 needlefish/13.91.0 needlefish_13.91.0
authorScott Murray <scott.murray@konsulko.com>
Mon, 11 Jul 2022 23:29:53 +0000 (19:29 -0400)
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>
Wed, 13 Jul 2022 21:58:38 +0000 (21:58 +0000)
commit08977ac24f2d31b0955786824c9ff62eff981ee9
tree5315c8605e38eee12b164a9884891168900516d8tree | snapshot
parentff1776b06bc54c36d199f9061f1ff78c7b3db027commit | diff
kuksa-val: add regenerated server certificate

After fixing the issue with the SSL context purpose in the Python
client library, client connections were still failing with the
error:

  certificate verify failed: IP address mismatch, certificate is not valid for localhost

To fix this, the certificate generation script has been patched to
create the now required Subject Alt Name extension field, as that has
effectively replaced using the CN field in most SSL implementations.
Replacement Server.key and Server.pem files generated with the
updated script have been added to give us a working configuration
while this is worked with upstream so their default configuration is
usable with newer Python + OpenSSL versions.

Bug-AGL: SPEC-4467

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Change-Id: I9e8374fbbef6e8570b16d87f4e1800ceba8aacad
recipes-connectivity/kuksa-val/kuksa-val/0001-genCerts.sh-add-Subject-Alt-Name-extension-to-server.patch [new file with mode: 0644] blob
recipes-connectivity/kuksa-val/kuksa-val/Server.key [new file with mode: 0644] blob
recipes-connectivity/kuksa-val/kuksa-val/Server.pem [new file with mode: 0644] blob
recipes-connectivity/kuksa-val/kuksa-val_git.bb diff | blob | history
meta-agl-demo layer (demo/staging/"one-shot")