diff options
author | Bjørn Christian Seime <bjorncs@oath.com> | 2017-12-06 11:06:44 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@oath.com> | 2017-12-06 11:06:44 +0100 |
commit | a210a0a345a63bb947a95038ea9f9beebea69702 (patch) | |
tree | 9868543ed6c83450ebdfe414284ef31fd8aaba3b /athenz-identity-provider-service | |
parent | 351229b42387bbef47163e423f0c1c570f1dbeb1 (diff) |
Match issuer name defined in self-signed cert in trust store
Diffstat (limited to 'athenz-identity-provider-service')
-rw-r--r-- | athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java index 2dc3f24664c..1014fc4afdf 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/ca/CertificateSigner.java @@ -2,9 +2,9 @@ package com.yahoo.vespa.hosted.athenz.instanceproviderservice.ca; import com.google.common.collect.ImmutableList; import com.google.inject.Inject; +import com.yahoo.cloud.config.ConfigserverConfig; import com.yahoo.config.provision.Zone; import com.yahoo.log.LogLevel; -import com.yahoo.net.HostName; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig; import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -68,13 +68,16 @@ public class CertificateSigner { private final Clock clock; @Inject - public CertificateSigner(KeyProvider keyProvider, AthenzProviderServiceConfig config, Zone zone) { - this(getPrivateKey(keyProvider, config, zone), HostName.getLocalhost(), Clock.systemUTC()); + public CertificateSigner(KeyProvider keyProvider, + ConfigserverConfig configserverConfig, + AthenzProviderServiceConfig config, + Zone zone) { + this(getPrivateKey(keyProvider, config, zone), configserverConfig.loadBalancerAddress(), Clock.systemUTC()); } - CertificateSigner(PrivateKey caPrivateKey, String configServerHostname, Clock clock) { + CertificateSigner(PrivateKey caPrivateKey, String loadBalancerAddress, Clock clock) { this.caPrivateKey = caPrivateKey; - this.issuer = new X500Name("CN=" + configServerHostname); + this.issuer = new X500Name("CN=" + loadBalancerAddress); this.clock = clock; } |