cut and paste error making cers not include right CA info

[certmaster.git] / certmaster / certs.py

diff --git a/certmaster/certs.py b/certmaster/certs.py
index 81409f3..b59a972 100644 (file)
--- a/certmaster/certs.py
+++ b/certmaster/certs.py
@@ -37,7 +37,7 @@ def make_keypair(dest=None):
     return pkey
 
 
-def make_csr(pkey, dest=None, cn=None, hostname=None):
+def make_csr(pkey, dest=None, cn=None, hostname=None, emailaddr=None):
     req = crypto.X509Req()
     req.get_subject()
     subj  = req.get_subject()
@@ -53,7 +53,10 @@ def make_csr(pkey, dest=None, cn=None, hostname=None):
     else:
         subj.CN = utils.gethostname()
 
-    subj.emailAddress = 'root@%s' % subj.CN       
+    if emailaddr:
+        subj.emailAddress = emailaddr
+    else:
+        subj.emailAddress = 'root@%s' % subj.CN       
         
     req.set_pubkey(pkey)
     req.sign(pkey, 'md5')
@@ -139,9 +142,9 @@ def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
     cert.set_subject(csr.get_subject())
     cert.set_pubkey(csr.get_pubkey())
     cert.set_version(2)
-    xt = crypto.X509Extension('basicConstraints', False ,'CA:False')
+    xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
     # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)    
-    cacert.add_extensions((xt,))
+    cert.add_extensions((xt,))
     cert.sign(cakey, 'sha1')
     if slave_cert_file:
         destfo = open(slave_cert_file, 'w')