Fixed certificate creation when using with authenticode.

2025-03-09 15:40:18 +00:00 · 2022-05-29 11:16:52 -07:00 · 2022-05-29 11:16:52 -07:00 · 25c805d7ea
commit 25c805d7ea
parent 3e44d64c19
2 changed files with 13 additions and 10 deletions
--- a/certoperations.js
+++ b/certoperations.js
@ -1089,7 +1089,7 @@ module.exports.CertificateOperations = function (parent) {
            mpsPrivateKey = r.mps.key;
        }
-        r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey, ca: [] }, webdefault: { cert: webCertificate, key: webPrivateKey, ca: [] }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, ca: calist, CommonName: commonName, RootName: rootName, AmtMpsName: mpsCommonName, dns: {}, WebIssuer: webIssuer };
+        r = { root: { cert: rootCertificate, key: rootPrivateKey }, web: { cert: webCertificate, key: webPrivateKey, ca: [] }, webdefault: { cert: webCertificate, key: webPrivateKey, ca: [] }, mps: { cert: mpsCertificate, key: mpsPrivateKey }, agent: { cert: agentCertificate, key: agentPrivateKey }, codesign: { cert: codesignCertificate, key: codesignPrivateKey }, ca: calist, CommonName: commonName, RootName: rootName, AmtMpsName: mpsCommonName, dns: {}, WebIssuer: webIssuer };
        // Fetch the certificates names for the main certificate
        var webCertificate = obj.pki.certificateFromPem(r.web.cert);
--- a/meshcentral.js
+++ b/meshcentral.js
@ -2860,14 +2860,17 @@ function CreateMeshCentralServer(config, args) {
        }
        // Generate the agent signature description and URL
-        const serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
+        var serverSignedAgentsPath, signDesc, signUrl;
-        var signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
+        if (agentSignCertInfo != null) {
            serverSignedAgentsPath = obj.path.join(obj.datapath, 'signedagents' + suffix);
            signDesc = (domain.title ? domain.title : agentSignCertInfo.cert.subject.hash);
            var httpsPort = ((obj.args.aliasport == null) ? obj.args.port : obj.args.aliasport); // Use HTTPS alias port is specified
-        var signUrl = 'https://' + ((domain.dns != null) ? domain.dns : obj.certificates.CommonName);
+            signUrl = 'https://' + ((domain.dns != null) ? domain.dns : obj.certificates.CommonName);
            if (httpsPort != 443) { signUrl += ':' + httpsPort; }
            var xdomain = (domain.dns == null) ? domain.id : '';
            if (xdomain != '') xdomain += '/';
            signUrl += '/' + xdomain;
        }
        // Load agent information file. This includes the data & time of the agent.
        const agentInfo = [];
@ -2893,7 +2896,7 @@ function CreateMeshCentralServer(config, args) {
            if ((stats == null)) continue; // If this agent does not exist, skip it.
            // Check if we need to sign this agent, if so, check if it's already been signed
-            if (obj.meshAgentsArchitectureNumbers[archid].codesign === true) {
+            if ((obj.meshAgentsArchitectureNumbers[archid].codesign === true) && (agentSignCertInfo != null)) {{
                // Open the original agent with authenticode
                var signeedagentpath = obj.path.join(serverSignedAgentsPath, obj.meshAgentsArchitectureNumbers[archid].localname);
                const originalAgent = require('./authenticode.js').createAuthenticodeHandler(agentpath);