From: Tom Hughes <tom@compton.nu>
Date: Fri, 13 Nov 2020 14:09:11 +0000 (+0000)
Subject: Fix error when a certificate only has one name
X-Git-Url: https://git.openstreetmap.org/chef.git/commitdiff_plain/3ed0e55b250219194e551a50e068ddeb4103fbf6?hp=4ecf0cb8026f5fe841dab109754d324285274d64

Fix error when a certificate only has one name
---

diff --git a/cookbooks/ssl/resources/certificate.rb b/cookbooks/ssl/resources/certificate.rb
index 116c2bd4d..5fc33b61b 100644
--- a/cookbooks/ssl/resources/certificate.rb
+++ b/cookbooks/ssl/resources/certificate.rb
@@ -24,7 +24,7 @@ property :domains, [String, Array], :required => [:create]
 
 action :create do
   node.default[:letsencrypt][:certificates][new_resource.certificate] = {
-    :domains => Array(new_resource.domains)
+    :domains => domains
   }
 
   if letsencrypt
@@ -53,7 +53,7 @@ action :create do
       force_unlink true
     end
   else
-    alt_names = new_resource.domains.collect { |domain| "DNS:#{domain}" }
+    alt_names = domains.collect { |domain| "DNS:#{domain}" }
 
     openssl_x509_certificate "/etc/ssl/certs/#{new_resource.certificate}.pem" do
       key_file "/etc/ssl/private/#{new_resource.certificate}.key"
@@ -62,7 +62,7 @@ action :create do
       mode "640"
       org "OpenStreetMap"
       email "operations@osmfoundation.org"
-      common_name new_resource.domains.first
+      common_name domains.first
       subject_alt_name alt_names
       extensions "keyUsage" => { "values" => %w[digitalSignature keyEncipherment], "critical" => true },
                  "extendedKeyUsage" => { "values" => %w[serverAuth clientAuth], "critical" => true }
@@ -84,4 +84,8 @@ action_class do
   def letsencrypt
     @letsencrypt ||= search(:letsencrypt, "id:#{new_resource.certificate}").first
   end
+
+  def domains
+    Array(new_resource.domains)
+  end
 end