ovs-pki: Unique subject DNs for certificate requests.

author Gurucharan Shetty <gshetty@nicira.com>

Mon, 22 Oct 2012 17:52:41 +0000 (10:52 -0700)

committer Gurucharan Shetty <gshetty@nicira.com>

Mon, 22 Oct 2012 20:47:00 +0000 (13:47 -0700)
author Gurucharan Shetty <gshetty@nicira.com>
Mon, 22 Oct 2012 17:52:41 +0000 (10:52 -0700)
committer Gurucharan Shetty <gshetty@nicira.com>
Mon, 22 Oct 2012 20:47:00 +0000 (13:47 -0700)
diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in

index bf40c29586f64306d063ccf2ccbbd1636243ae13..1f15410ec32b7e7c170de5aecfe6ac0c67b6d203 100755 (executable)
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -429,6 +429,8 @@ make_request() {
      must_not_exist "$arg1-privkey.pem"
      must_not_exist "$arg1-req.pem"
      make_tmpdir
+    # Use uuidgen or date to create unique subject DNs.
+    unique=`(uuidgen) 2>/dev/null` || unique=`date +"%Y %b %d %T"`
      cat > "$TMP/req.cnf" <<EOF
  [ req ]
  prompt = no
@@ -440,7 +442,7 @@ ST = CA
  L = Palo Alto
  O = Open vSwitch
  OU = Open vSwitch certifier
-CN = Open vSwitch certificate for $arg1
+CN = $arg1 id:$unique
  EOF
      if test $keytype = rsa; then
          (umask 077 && openssl genrsa -out "$1-privkey.pem" $bits) 1>&3 2>&3 \
author	Gurucharan Shetty <gshetty@nicira.com>
	Mon, 22 Oct 2012 17:52:41 +0000 (10:52 -0700)
committer	Gurucharan Shetty <gshetty@nicira.com>
	Mon, 22 Oct 2012 20:47:00 +0000 (13:47 -0700)