summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2024-04-24 10:20:39 +0200
committerGitHub <noreply@github.com>2024-04-24 10:20:39 +0200
commita63e934073744772dc9fd919b7bb376ed9ceeab3 (patch)
treea6acb95013c327ad44ad856ce0b27264528b7209
parent5b3f2b5708d18f14b4ff24b37119947258ea4e78 (diff)
parenta849d913dc6a86c698dc215350a46b7af72bb99e (diff)
downloadvyos-1x-a63e934073744772dc9fd919b7bb376ed9ceeab3.tar.gz
vyos-1x-a63e934073744772dc9fd919b7bb376ed9ceeab3.zip
Merge pull request #3345 from Embezzle/T6259
PKI: T6259: Support RFC822 names in certificate generation
-rw-r--r--python/vyos/pki.py2
-rwxr-xr-xsrc/op_mode/pki.py4
2 files changed, 3 insertions, 3 deletions
diff --git a/python/vyos/pki.py b/python/vyos/pki.py
index 3c577db4d..27fe793a8 100644
--- a/python/vyos/pki.py
+++ b/python/vyos/pki.py
@@ -146,7 +146,7 @@ def create_certificate_request(subject, private_key, subject_alt_names=[]):
if isinstance(obj, ipaddress.IPv4Address) or isinstance(obj, ipaddress.IPv6Address):
alt_names.append(x509.IPAddress(obj))
elif isinstance(obj, str):
- alt_names.append(x509.DNSName(obj))
+ alt_names.append(x509.RFC822Name(obj) if '@' in obj else x509.DNSName(obj))
if alt_names:
builder = builder.add_extension(x509.SubjectAlternativeName(alt_names), critical=False)
diff --git a/src/op_mode/pki.py b/src/op_mode/pki.py
index ad2c1ada0..b1ca6ee29 100755
--- a/src/op_mode/pki.py
+++ b/src/op_mode/pki.py
@@ -306,7 +306,7 @@ def parse_san_string(san_string):
output.append(ipaddress.IPv4Address(value))
elif tag == 'ipv6':
output.append(ipaddress.IPv6Address(value))
- elif tag == 'dns':
+ elif tag == 'dns' or tag == 'rfc822':
output.append(value)
return output
@@ -324,7 +324,7 @@ def generate_certificate_request(private_key=None, key_type=None, return_request
subject_alt_names = None
if ask_san and ask_yes_no('Do you want to configure Subject Alternative Names?'):
- print("Enter alternative names in a comma separate list, example: ipv4:1.1.1.1,ipv6:fe80::1,dns:vyos.net")
+ print("Enter alternative names in a comma separate list, example: ipv4:1.1.1.1,ipv6:fe80::1,dns:vyos.net,rfc822:user@vyos.net")
san_string = ask_input('Enter Subject Alternative Names:')
subject_alt_names = parse_san_string(san_string)