fix csr sign

pm4ml · Feb 5, 2022 · 31280e3 · 31280e3
1 parent e754e04
commit 31280e3
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 7 deletions.
diff --git a/server/package-lock.json b/server/package-lock.json
diff --git a/server/package.json b/server/package.json
@@ -1,6 +1,6 @@
 {
   "name": "connection-manager-api",
-  "version": "1.7.27",
+  "version": "1.7.28",
   "description": "ModusBox Connection Manager API",
   "main": "index.js",
   "scripts": {

diff --git a/server/src/constants/Constants.js b/server/src/constants/Constants.js
@@ -129,6 +129,7 @@ module.exports = {
       .default('1000')
       .asInt(),
   },
+  switchFQDN: env.get('SWITCH_FQDN').default('switch.example.com').asString(),
   vault: {
     endpoint: env.get('VAULT_ENDPOINT').required().asString(),
     mounts: {

diff --git a/server/src/pki_engine/VaultPKIEngine.js b/server/src/pki_engine/VaultPKIEngine.js
@@ -512,15 +512,15 @@ class VaultPKIEngine extends PKIEngine {
   /**
    * Sign Client (DFSP) CSR and return client certificate
    * @param csr
+   * @param commonName
    * @returns {Promise<*>}
    */
-  async sign (csr) {
-    const csrInfo = forge.pki.certificationRequestFromPem(csr);
+  async sign (csr, commonName) {
     const { data } = await this.client.request({
       path: `/${this.mounts.pki}/sign/${this.pkiClientRole}`,
       method: 'POST',
       json: {
-        common_name: csrInfo.subject.getField('CN').value,
+        common_name: commonName,
         csr,
         ttl: `${this.signExpiryHours}h`,
       },

diff --git a/server/src/service/DfspInboundService.js b/server/src/service/DfspInboundService.js
@@ -109,7 +109,7 @@ exports.signDFSPInboundEnrollment = async (ctx, dfspId, enId) => {
 
   const { csr } = enrollment;
 
-  const newCert = await pkiEngine.sign(csr);
+  const newCert = await pkiEngine.sign(csr, Constants.switchFQDN);
   const certInfo = pkiEngine.getCertInfo(newCert);
 
   const inboundEnrollment = {