From: Lukas Schauer Date: Mon, 10 Jul 2017 22:35:51 +0000 (+0200) Subject: support otherName SAN entries for domain verification (fixes #356) X-Git-Tag: v0.5.0~28 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=4e7fb80bcd4ebb2702e74d0fa95b003967abda72;p=thirdparty%2Fdehydrated.git support otherName SAN entries for domain verification (fixes #356) --- diff --git a/dehydrated b/dehydrated index f66e54d..84adfe3 100755 --- a/dehydrated +++ b/dehydrated @@ -484,11 +484,11 @@ extract_altnames() { # shellcheck disable=SC1003 altnames="$( <<<"${altnames}" _sed -e 's/^[[:space:]]*//; s/, /\'$'\n''/g' )" # we can only get DNS: ones signed - if grep -qv '^DNS:' <<<"${altnames}"; then + if grep -qEv '^(DNS|othername):' <<<"${altnames}"; then _exiterr "Certificate signing request contains non-DNS Subject Alternative Names" fi # strip away the DNS: prefix - altnames="$( <<<"${altnames}" _sed -e 's/^DNS://' )" + altnames="$( <<<"${altnames}" _sed -e 's/^(DNS:|othername:)//' )" echo "${altnames}" else