external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

MeshCentral can now issue AMT TLS certificates using a specified custom root cert.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2021-01-20 09:54:51 -08:00
parent 62aa5e76cc
commit d3fd8e7311
4 changed files with 71 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
amtmanager.js
View file

@ -862,8 +862,14 @@ module.exports.CreateAmtManager = function (parent) {
var serverName = 'MeshCentral';
if ((domain != null) && (domain.title != null)) { serverName = domain.title; }
const certattributes = { 'CN': commonName, 'O': serverName, 'ST': 'MC', 'C': 'MC' };
const issuerattributes = { 'CN': obj.rootCertCN };
const xxCaPrivateKey = obj.parent.certificates.root.key;
// See what root certificate to use to sign the TLS cert
var xxCaPrivateKey = obj.parent.certificates.root.key; // Use our own root by default
var issuerattributes = { 'CN': obj.rootCertCN };
if (domain.amtmanager.tlsrootcert2 != null) {
xxCaPrivateKey = domain.amtmanager.tlsrootcert2.key;
issuerattributes = domain.amtmanager.tlsrootcert2.attributes;
}
// Set the extended key usages
var extKeyUsage = { name: 'extKeyUsage', serverAuth: true, clientAuth: true }