We're updating the issue view to help you get more done. 

Bootstrap fails when private_ip is a hostname

Description

When setting the private_ip field to be a hostname instead of an IP address, bootstrap fails on generating a bad SSL certificate:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 2017-05-23 14:31:20.051 LOG <manager> [nginx_xx7trq->manager_configuration_bjyx6j|preconfigure] DEBUG: Running: ['sudo', 'openssl', 'req', '-x509', '-newkey', 'rsa:2048', '-keyout', '/etc/cloudify/ssl/cloudify_internal_key.pem', '-out', '/etc/cloudify/ssl/cloudify_internal_cert.pem', '-days', '36500', '-batch', '-nodes', '-subj', '/CN=test-temp', '-config', '/tmp/tmpsyx5EM'] [127.0.0.1] out: Traceback (most recent call last): [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/tmp_X1j7M-preconfigure.py-SYO41GOW", line 118, in <module> [127.0.0.1] out: preconfigure_nginx() [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/tmp_X1j7M-preconfigure.py-SYO41GOW", line 89, in preconfigure_nginx [127.0.0.1] out: target_runtime_props['internal_rest_host'] [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/utils.py", line 332, in generate_internal_ssl_cert [127.0.0.1] out: INTERNAL_PKCS12_FILENAME, [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/utils.py", line 303, in _generate_ssl_certificate [127.0.0.1] out: '/CN={0}'.format(ip), '-config', conf_file.name [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/utils.py", line 137, in sudo [127.0.0.1] out: ignore_failures=ignore_failures) [127.0.0.1] out: File "/tmp/cloudify-ctx/scripts/utils.py", line 128, in run [127.0.0.1] out: raise RuntimeError(msg) [127.0.0.1] out: RuntimeError: Failed running command: sudo openssl req -x509 -newkey rsa:2048 -keyout /etc/cloudify/ssl/cloudify_internal_key.pem -out /etc/cloudify/ssl/cloudify_internal_cert.pem -days 36500 -batch -nodes -subj /CN=test-temp -config /tmp/tmpsyx5EM (Error Loading extension section SAN [127.0.0.1] out: 139886046922656:error:220A4076:X509 V3 routines:A2I_GENERAL_NAME:bad ip address:v3_alt.c:477:value=test-temp [127.0.0.1] out: 139886046922656:error:22098080:X509 V3 routines:X509V3_EXT_nconf:error in extension:v3_conf.c:93:name=subjectAltName, value=IP:test-temp,DNS:test-temp,IP:127.0.0.1,DNS:127.0.0.1,DNS:localhost [127.0.0.1] out: ).

Status

Assignee

Unassigned

Reporter

Isaac Shabtay

Labels

Severity

None

Bug Type

None

Target Version

None

Severity

None

Fix versions

Affects versions

4.0.1