Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-3113

Make sure that the Subject-CN field in the certificate is set to the device identity

    XMLWordPrintable

    Details

      Description

      Acceptance criteria:

      • Inventory script which runs when mTLS is enabled, and sets the identity from the subject-CN field in the certificate.

      Since we don't want to add a dependency on OpenSSL, there needs to be a way for the client to provide the information to the script.

      Kristian's proposed solution is, also see https://tracker.mender.io/browse/MEN-3069?focusedCommentId=104510&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-104510 for adding full certificate dump idea:

      mender -dump-client-cert-subject

      See: https://tracker.mender.io/browse/MEN-3069?focusedCommentId=104236&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-104236

      Merge to:

      feature-branch

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            oleorhagen Ole Petter Orhagen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: