tools: getxattr: drop debug statement

[pve-common.git] / src / PVE / Certificate.pm

diff --git a/src/PVE/Certificate.pm b/src/PVE/Certificate.pm
index 2421f3f1574368b26b0df28486826d763faffe99..31a77223f83c556e393be3a3165ea168eda5ae1d 100644 (file)
--- a/src/PVE/Certificate.pm
+++ b/src/PVE/Certificate.pm
@@ -199,10 +199,8 @@ my $read_certificate = sub {
        or $ssl_die->("unable to read '$cert_path' - $!\n");
 
     my $cert = Net::SSLeay::PEM_read_bio_X509($bio);
-    if (!$cert) {
-       Net::SSLeay::BIO_free($bio);
-       die "unable to read certificate from '$cert_path'\n";
-    }
+    Net::SSLeay::BIO_free($bio);
+    die "unable to read certificate from '$cert_path'\n" if !$cert;
 
     return $cert;
 };
@@ -336,6 +334,9 @@ sub generate_csr {
     my $san = [ map { $_->{value} } grep { $_->{type} eq 'dns' } @$identifiers ];
     die "DNS identifiers are required to generate a CSR.\n" if !scalar @$san;
 
+    # optional
+    my $common_name = delete($attr{common_name}) // $san->[0];
+
     my $md = eval { Net::SSLeay::EVP_get_digestbyname($dig_alg) };
     die "Invalid digest algorithm '$dig_alg'\n" if !$md;
 
@@ -366,7 +367,7 @@ sub generate_csr {
        }
     };
 
-    $add_name_entry->('CN', @$san[0]);
+    $add_name_entry->('CN', $common_name);
     for (qw(C ST L O OU)) {
         if (defined(my $v = $attr{$_})) {
            $add_name_entry->($_, $v);