diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-04-05 15:31:14 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2019-04-10 19:18:51 +0300 |
commit | 85d2bb5b16beb18571cac2841437e60bf7522bc1 (patch) | |
tree | 4b7994a1c098a0fc7d206d75eed86627433d2b6a | |
parent | 92e07bff901704475f4b91b21f2cb17b3fe171d2 (diff) | |
download | bmcweb-85d2bb5b16beb18571cac2841437e60bf7522bc1.tar.xz |
tls: Avoid Intel reference in in self-signed certs
A step towards upstream OpenBMC shipping free of any branding (other
than OpenBMC branding) or company references.
Tested: Did not test
Change-Id: I4fea765949ff3ad94e3cd52fedec597a77db0e79
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | include/ssl_key_handler.hpp | 5 |
2 files changed, 3 insertions, 4 deletions
@@ -29,7 +29,7 @@ When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the `prime256v1` algorithm. The certificate - - is issued by `C=US, O=Intel BMC, CN=testhost`, + - is issued by `C=US, O=OpenBMC, CN=testhost`, - is valid for 10 years, - has a random serial number, and - is signed using the `SHA-256` algorithm. diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp index 34a7c04409..9a2e877b35 100644 --- a/include/ssl_key_handler.hpp +++ b/include/ssl_key_handler.hpp @@ -145,8 +145,7 @@ inline void generateSslCertificate(const std::string &filepath) reinterpret_cast<const unsigned char *>("US"), -1, -1, 0); X509_NAME_add_entry_by_txt( name, "O", MBSTRING_ASC, - reinterpret_cast<const unsigned char *>("Intel BMC"), -1, -1, - 0); + reinterpret_cast<const unsigned char *>("OpenBMC"), -1, -1, 0); X509_NAME_add_entry_by_txt( name, "CN", MBSTRING_ASC, reinterpret_cast<const unsigned char *>("testhost"), -1, -1, 0); @@ -326,4 +325,4 @@ inline boost::asio::ssl::context getSslContext(const std::string &ssl_pem_file) } } // namespace ensuressl -#endif
\ No newline at end of file +#endif |