fix #164: server cert is not created, if servername is not server.

HappyBasher · HappyBasher · commit 28503c36d401 · 2025-05-31T15:15:56.000+02:00
diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,9 @@
+linuxmuster-base7 (7.3.18-0) lmn73; urgency=low
+
+  * fix #164: server cert is not created, if servername is not server.
+
+ -- Thomas Schmitt <thomas@linuxmuster.net>  Sat, 31 May 2025 15:14:32 +0200
+
 linuxmuster-base7 (7.3.17-0) lmn73; urgency=low
 
   * fix default dns configuration for opnsense (#163).
diff --git a/lib/functions.py b/lib/functions.py
@@ -3,7 +3,7 @@
 # functions.py
 #
 # thomas@linuxmuster.net
-# 20250503
+# 20250531
 #
 
 from subprocess import Popen, PIPE
@@ -521,7 +521,10 @@ def createServerCert(item, days, logfile):
     csrfile = environment.SSLDIR + '/' + item + '.csr'
     keyfile = environment.SSLDIR + '/' + item + '.key.pem'
     certfile = environment.SSLDIR + '/' + item + '.cert.pem'
-    cnffile = environment.SSLDIR + '/' + item + '_cert_ext.cnf'
+    if item == 'firewall':
+        cnffile = environment.SSLDIR + '/' + item + '_cert_ext.cnf'
+    else:
+        cnffile = environment.SSLDIR + '/server_cert_ext.cnf'
     fullchain = environment.SSLDIR + '/' + item + '.fullchain.pem'
     subj = '-subj /CN=' + fqdn + '/'
     shadays = ' -sha256 -days ' + days
