Fix error when a certificate only has one name

author Tom Hughes <tom@compton.nu>

Fri, 13 Nov 2020 14:09:11 +0000 (14:09 +0000)

committer Tom Hughes <tom@compton.nu>

Fri, 13 Nov 2020 14:13:24 +0000 (14:13 +0000)
author Tom Hughes <tom@compton.nu>
Fri, 13 Nov 2020 14:09:11 +0000 (14:09 +0000)
committer Tom Hughes <tom@compton.nu>
Fri, 13 Nov 2020 14:13:24 +0000 (14:13 +0000)
diff --git a/cookbooks/ssl/resources/certificate.rb b/cookbooks/ssl/resources/certificate.rb

index 116c2bd4da0266a940bb02cd0b4f16dc375b0e5b..5fc33b61be6e8a992b048967fbc86f6c85755ae2 100644 (file)
--- a/cookbooks/ssl/resources/certificate.rb
+++ b/cookbooks/ssl/resources/certificate.rb
@@ -24,7 +24,7 @@ property :domains, [String, Array], :required => [:create]
  
  action :create do
    node.default[:letsencrypt][:certificates][new_resource.certificate] = {
  
  action :create do
    node.default[:letsencrypt][:certificates][new_resource.certificate] = {
-    :domains => Array(new_resource.domains)
+    :domains => domains
    }
  
    if letsencrypt
    }
  
    if letsencrypt
@@ -53,7 +53,7 @@ action :create do
        force_unlink true
      end
    else
        force_unlink true
      end
    else
-    alt_names = new_resource.domains.collect { |domain| "DNS:#{domain}" }
+    alt_names = domains.collect { |domain| "DNS:#{domain}" }
  
      openssl_x509_certificate "/etc/ssl/certs/#{new_resource.certificate}.pem" do
        key_file "/etc/ssl/private/#{new_resource.certificate}.key"
  
      openssl_x509_certificate "/etc/ssl/certs/#{new_resource.certificate}.pem" do
        key_file "/etc/ssl/private/#{new_resource.certificate}.key"
@@ -62,7 +62,7 @@ action :create do
        mode "640"
        org "OpenStreetMap"
        email "operations@osmfoundation.org"
        mode "640"
        org "OpenStreetMap"
        email "operations@osmfoundation.org"
-      common_name new_resource.domains.first
+      common_name domains.first
        subject_alt_name alt_names
        extensions "keyUsage" => { "values" => %w[digitalSignature keyEncipherment], "critical" => true },
                   "extendedKeyUsage" => { "values" => %w[serverAuth clientAuth], "critical" => true }
        subject_alt_name alt_names
        extensions "keyUsage" => { "values" => %w[digitalSignature keyEncipherment], "critical" => true },
                   "extendedKeyUsage" => { "values" => %w[serverAuth clientAuth], "critical" => true }
@@ -84,4 +84,8 @@ action_class do
    def letsencrypt
      @letsencrypt ||= search(:letsencrypt, "id:#{new_resource.certificate}").first
    end
    def letsencrypt
      @letsencrypt ||= search(:letsencrypt, "id:#{new_resource.certificate}").first
    end
+
+  def domains
+    Array(new_resource.domains)
+  end
  end
  end
author	Tom Hughes <tom@compton.nu>
	Fri, 13 Nov 2020 14:09:11 +0000 (14:09 +0000)
committer	Tom Hughes <tom@compton.nu>
	Fri, 13 Nov 2020 14:13:24 +0000 (14:13 +0000)