diff options
author | Håkon Hallingstad <hakon@oath.com> | 2018-03-08 13:59:05 +0100 |
---|---|---|
committer | Håkon Hallingstad <hakon@oath.com> | 2018-03-08 13:59:05 +0100 |
commit | 79239d4a4f110542e977bcb7bb98e0b4cc38a03d (patch) | |
tree | c14a4f184a4a1c1424cbd50af5bc1c381aa6dc0d /athenz-identity-provider-service/src/main | |
parent | b2b63c48f74ae45bb744d45b68a8cafa7ca36e29 (diff) |
Tune hostname-commonname mismatch message
Diffstat (limited to 'athenz-identity-provider-service/src/main')
-rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java index 8c851ed5489..f6f6bb1dbca 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java @@ -117,7 +117,7 @@ public class CertificateSigner { } } - static void verifyCertificateCommonName(X500Name subject, String commonName) { + static void verifyCertificateCommonName(X500Name subject, String remoteHostname) { List<AttributeTypeAndValue> attributesAndValues = Arrays.stream(subject.getRDNs()) .flatMap(rdn -> rdn.isMultiValued() ? Stream.of(rdn.getTypesAndValues()) : Stream.of(rdn.getFirst())) @@ -129,8 +129,9 @@ public class CertificateSigner { } String actualCommonName = DERUTF8String.getInstance(attributesAndValues.get(0).getValue()).getString(); - if (! actualCommonName.equals(commonName)) { - throw new IllegalArgumentException("Expected common name to be " + commonName + ", but was " + actualCommonName); + if (! actualCommonName.equals(remoteHostname)) { + throw new IllegalArgumentException("Remote hostname " + remoteHostname + + " does not match common name " + actualCommonName); } } |