Skip to content

Commit c60b2cb

Browse files
dmp42dmp42
committed
Merge pull request docker-archive-public#1910 from posita/posita/1880-ssl-cert-snafu
READY FOR REVIEW - Work-around erroneous SSL: CERTIFICATE_VERIFY_FAILED error with some buggy versions of OpenSSL
2 parents 11fd964 + f80dc36 commit c60b2cb

File tree

2 files changed

+4
-3
lines changed

2 files changed

+4
-3
lines changed

libmachine/cert/bootstrap.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,8 @@ func BootstrapCertificates(authOptions *auth.AuthOptions) error {
2020
// TODO: I'm not super happy about this use of "org", the user should
2121
// have to specify it explicitly instead of implicitly basing it on
2222
// $USER.
23-
org := mcnutils.GetUsername()
23+
caOrg := mcnutils.GetUsername()
24+
org := caOrg + ".<bootstrap>"
2425

2526
bits := 2048
2627

@@ -42,7 +43,7 @@ func BootstrapCertificates(authOptions *auth.AuthOptions) error {
4243
return errors.New("The CA key already exists. Please remove it or specify a different key/cert.")
4344
}
4445

45-
if err := GenerateCACertificate(caCertPath, caPrivateKeyPath, org, bits); err != nil {
46+
if err := GenerateCACertificate(caCertPath, caPrivateKeyPath, caOrg, bits); err != nil {
4647
return fmt.Errorf("Generating CA certificate failed: %s", err)
4748
}
4849
}

libmachine/provision/utils.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ func ConfigureAuth(p Provisioner) error {
6363
driver := p.GetDriver()
6464
machineName := driver.GetMachineName()
6565
authOptions := p.GetAuthOptions()
66-
org := machineName
66+
org := mcnutils.GetUsername() + "." + machineName
6767
bits := 2048
6868

6969
ip, err := driver.GetIP()

0 commit comments

Comments
 (0)