switch to csr.json mode

2022-12-21 01:27:11 +01:00 · 2022-12-21 01:27:11 +01:00 · c077335f32
commit c077335f32
parent 89312ca93b
5 changed files with 62 additions and 31 deletions
--- a/templates/cfssl.json.j2
+++ b/templates/cfssl.json.j2
@ -0,0 +1,19 @@
+{
+  "signing": {
+    "default": {
+      "auth_remote":{
+        "auth_key": "key-srv",
+        "remote": "remote-srv"
+      }
+    }
+  },
+  "auth_keys": {
+    "key-srv": {
+      "type":"standard",
+      "key":"{{cfssl_auth_key}}"
+    }
+  },
+  "remotes": {
+    "remote-srv": "{{cfssl_serve_url}}"
+  }
+}
--- a/templates/csr.json.j2
+++ b/templates/csr.json.j2
@ -1,6 +1,9 @@
 {
-    "CN": {{item.cname | to_json}},
-    "hosts": {{ (item.sans|default([]) + item.altips|default([]) + item.cname.split(',')) | to_json}},
-    "key" : {{item.key | default(pki_key) | to_json}},
-    "names" : {{item.names | default(pki_names) | to_json}}
-}
+    "CN": "{{inventory_hostname_short}}.{{vm_domain_name}}",
+    "hosts": [
+        "{{inventory_hostname_short}}.{{vm_domain_name}}",
+        "{{inventory_hostname_short}}-adm.{{vm_domain_name}}"
+    ],
+    "key" : {{crt_key | to_json}},
+    "names" : {{crt_names | to_json}}
+}
--- a/templates/server.cnf.j2
+++ b/templates/server.cnf.j2
@ -1,13 +0,0 @@
-[ req ]
-prompt = no
-distinguished_name = dn
-req_extensions = req_ext
-
-[ dn ]
-CN = {{inventory_hostname_short}}.{{vm_domain_name}}
-
-[ req_ext ]
-subjectAltName = DNS:{{inventory_hostname_short}}.{{vm_domain_name}},DNS:{{inventory_hostname_short}}-adm.{{vm_domain_name}}
-
-[ alt_names ]
-DNS.1 = {{inventory_hostname_short}}-adm.{{vm_domain_name}}