mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-02 13:59:59 +00:00
freeradius: fix the existed certificate error
Fixes the occasional error: # cd /etc/raddb/certs # ./bootstrap [snip] openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf Using configuration from ./client.cnf Check that the request matches the signature Signature ok ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org The matching entry has the following details Type :Valid Expires on :200908024833Z Serial Number :02 File name :unknown Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org make: *** [Makefile:128: client.crt] Error 1 Add the check to fix the above error and it does the same for server.crt. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Mingli Yu
Khem Raj
+55
@@ -0,0 +1,55 @@
|
|||||||
|
From 084f5467672f2ae37003b77e8f8706772f3da3ec Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mingli Yu <mingli.yu@windriver.com>
|
||||||
|
Date: Mon, 13 Jul 2020 07:01:45 +0000
|
||||||
|
Subject: [PATCH] raddb/certs/Makefile: fix the existed certificate error
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
# ./bootstrap
|
||||||
|
[snip]
|
||||||
|
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
|
||||||
|
Using configuration from ./client.cnf
|
||||||
|
Check that the request matches the signature
|
||||||
|
Signature ok
|
||||||
|
ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
|
||||||
|
The matching entry has the following details
|
||||||
|
Type :Valid
|
||||||
|
Expires on :200908024833Z
|
||||||
|
Serial Number :02
|
||||||
|
File name :unknown
|
||||||
|
Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org
|
||||||
|
make: *** [Makefile:128: client.crt] Error 1
|
||||||
|
|
||||||
|
Add the check to fix the above error and it does the same for server.crt.
|
||||||
|
|
||||||
|
Upstream-Status: Pending
|
||||||
|
|
||||||
|
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
|
||||||
|
---
|
||||||
|
raddb/certs/Makefile | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/raddb/certs/Makefile b/raddb/certs/Makefile
|
||||||
|
index 5cbfd467ce..77eec9baa1 100644
|
||||||
|
--- a/raddb/certs/Makefile
|
||||||
|
+++ b/raddb/certs/Makefile
|
||||||
|
@@ -92,7 +92,7 @@ server.csr server.key: server.cnf
|
||||||
|
chmod g+r server.key
|
||||||
|
|
||||||
|
server.crt: server.csr ca.key ca.pem
|
||||||
|
- $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key $(PASSWORD_CA) -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf
|
||||||
|
+ @[ -f server.crt ] || $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key $(PASSWORD_CA) -out server.crt -extensions xpserver_ext -extfile xpextensions -config ./server.cnf
|
||||||
|
|
||||||
|
server.p12: server.crt
|
||||||
|
$(OPENSSL) pkcs12 -export -in server.crt -inkey server.key -out server.p12 -passin pass:$(PASSWORD_SERVER) -passout pass:$(PASSWORD_SERVER)
|
||||||
|
@@ -117,7 +117,7 @@ client.csr client.key: client.cnf
|
||||||
|
chmod g+r client.key
|
||||||
|
|
||||||
|
client.crt: client.csr ca.pem ca.key
|
||||||
|
- $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key $(PASSWORD_CA) -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
|
||||||
|
+ @[ -f client.crt ] || $(OPENSSL) ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key $(PASSWORD_CA) -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
|
||||||
|
|
||||||
|
client.p12: client.crt
|
||||||
|
$(OPENSSL) pkcs12 -export -in client.crt -inkey client.key -out client.p12 -passin pass:$(PASSWORD_CLIENT) -passout pass:$(PASSWORD_CLIENT)
|
||||||
|
--
|
||||||
|
2.26.2
|
||||||
|
|
||||||
@@ -27,6 +27,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0
|
|||||||
file://freeradius-fix-error-for-expansion-of-macro.patch \
|
file://freeradius-fix-error-for-expansion-of-macro.patch \
|
||||||
file://0001-rlm_mschap-Use-includedir-instead-of-hardcoding-usr-.patch \
|
file://0001-rlm_mschap-Use-includedir-instead-of-hardcoding-usr-.patch \
|
||||||
file://0001-rlm_python3-add-PY_INC_DIR-in-search-dir.patch \
|
file://0001-rlm_python3-add-PY_INC_DIR-in-search-dir.patch \
|
||||||
|
file://0001-raddb-certs-Makefile-fix-the-existed-certificate-err.patch \
|
||||||
file://radiusd.service \
|
file://radiusd.service \
|
||||||
file://radiusd-volatiles.conf \
|
file://radiusd-volatiles.conf \
|
||||||
"
|
"
|
||||||
|
|||||||
Reference in New Issue
Block a user