Merge pull request #225 from hrabalvojta/master

hslatman · web-flow · commit 63dcac850c89 · 2025-10-14T15:51:21.000+02:00
Fix: CA subject generation in example
diff --git a/step-certificates/examples/certificate_authority_single_instance/ca.config b/step-certificates/examples/certificate_authority_single_instance/ca.config
@@ -2,6 +2,7 @@
   "root_ca_name": "example-root-ca",
   "intermediate_ca_name": "example-intermediate-ca",
   "ca_org_name": "Example CA Org",
+  "ca_orgunit_name": "Example OU CA Org",
   "ca_country_name": "US",
   "ca_locality_name": "Minnesota",
   "ca_dns_names": [
@@ -11,4 +12,4 @@
   ],
   "jwk_provisioner_name": "admin",
   "ca_url": "mysteprelease-step-certificates.default.svc.cluster.local"
-}
+}
diff --git a/step-certificates/examples/certificate_authority_single_instance/generate-values.sh b/step-certificates/examples/certificate_authority_single_instance/generate-values.sh
@@ -3,13 +3,14 @@
 ROOT_CA_NAME=`jq -r '.root_ca_name' ca.config`
 INTERMEDIATE_CA_NAME=`jq -r '.intermediate_ca_name' ca.config`
 CA_ORG_NAME=`jq -r '.ca_org_name' ca.config`
+CA_ORGUNIT_NAME=`jq -r '.ca_orgunit_name' ca.config`
 CA_COUNTRY_NAME=`jq -r '.ca_country_name' ca.config`
 CA_LOCALITY_NAME=`jq -r '.ca_locality_name' ca.config`
 CA_DNS_NAMES=`jq -c .ca_dns_names ca.config`
 CA_URL=`jq -r .ca_url ca.config`
 JWK_PROVISIONER_NAME=`jq -r .jwk_provisioner_name ca.config`
 
-export ROOT_CA_NAME INTERMEDIATE_CA_NAME CA_ORG_NAME CA_COUNTRY_NAME CA_LOCALITY_NAME CA_DNS_NAMES CA_URL JWK_PROVISIONER_NAME
+export ROOT_CA_NAME INTERMEDIATE_CA_NAME CA_ORG_NAME CA_ORGUNIT_NAME CA_COUNTRY_NAME CA_LOCALITY_NAME CA_DNS_NAMES CA_URL JWK_PROVISIONER_NAME
 
 # Write Out Root and Intermediate Certificate Templates
 cat root-tls.json.tpl | envsubst | tee root-tls.json
diff --git a/step-certificates/examples/certificate_authority_single_instance/intermediate-tls.json.tpl b/step-certificates/examples/certificate_authority_single_instance/intermediate-tls.json.tpl
@@ -1,13 +1,14 @@
 {
   "subject": {
     "commonName": "${INTERMEDIATE_CA_NAME}",
-    "organizationName": "${CA_ORG_NAME}",
-    "countryName": "${CA_COUNTRY_NAME}",
-    "localityName": "${CA_LOCALITY_NAME}"
+    "organization": "${CA_ORG_NAME}",
+    "organizationalUnit": "${CA_ORGUNIT_NAME}",
+    "country": "${CA_COUNTRY_NAME}",
+    "locality": "${CA_LOCALITY_NAME}"
   },
   "keyUsage": [ "certSign", "crlSign" ],
   "basicConstraints": {
     "isCA": true,
     "maxPathLen": 1
   }
-}
+}
diff --git a/step-certificates/examples/certificate_authority_single_instance/root-tls.json.tpl b/step-certificates/examples/certificate_authority_single_instance/root-tls.json.tpl
@@ -1,13 +1,14 @@
 {
   "subject": {
     "commonName": "${ROOT_CA_NAME}",
-    "organizationName": "${CA_ORG_NAME}",
-    "countryName": "${CA_COUNTRY_NAME}",
-    "localityName": "${CA_LOCALITY_NAME}"
+    "organization": "${CA_ORG_NAME}",
+    "organizationalUnit": "${CA_ORGUNIT_NAME}",
+    "country": "${CA_COUNTRY_NAME}",
+    "locality": "${CA_LOCALITY_NAME}"
   },
   "keyUsage": [ "certSign", "crlSign" ],
   "basicConstraints": {
     "isCA": true,
     "maxPathLen": 1
   }
-}
+}
