Skip to content

Commit

Permalink
upload-certificate: add validation on CN field
Browse files Browse the repository at this point in the history 
Check if the uploaded certificate's CN field is missing or empty.
  • Loading branch information
@Amygos
Amygos committed Sep 4, 2024
1 parent afa3c19 commit 0e8ca0c
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions imageroot/actions/upload-certificate/21validate_certificates
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,14 @@ if ! openssl x509 -text -noout -in $CERT_FILE >/dev/null 2>&1; then
exit 4
fi

# check it the common name is present and is not empty
cn_name=$(openssl x509 -noout -subject -nameopt=multiline -in $CERT_FILE | sed -n 's/ *commonName *= //p')
if [ -z "$cn_name" ]; then
echo "Certificate doesn't have a common name."
del_certs
exit 5
fi

# check if cert is provided by key (we compare md5 of public keys)
cert_public_key="$(openssl x509 -noout -pubkey -in $CERT_FILE | openssl md5)"
key_public_key="$(openssl pkey -pubout -in $KEY_FILE | openssl md5)"
Expand Down

0 comments on commit 0e8ca0c

Please sign in to comment.