From 98da19224cf94cfdc5a7c1a49db6f1e846d58674 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Sun, 5 Aug 2018 12:26:46 +0100
Subject: [PATCH] Do not create CAs with empty subjects

The x509_ca_subject variable shouldn't have an empty default.
---
 playbooks/init-credentials.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/playbooks/init-credentials.yml b/playbooks/init-credentials.yml
index 6c8682a1..f4d5ab01 100644
--- a/playbooks/init-credentials.yml
+++ b/playbooks/init-credentials.yml
@@ -44,4 +44,4 @@
       local_action: command openssl dhparam -out "{{ credentials_dir }}/x509/dhparam" "{{ dhparam_bits | default('2048') }}" creates="{{ credentials_dir }}/x509/dhparam"
 
     - name: Generate the X509 CA certificate
-      local_action: x509_ca ca_subject="{{ x509_ca_subject | default('') }}" ca_cert_path="{{ credentials_dir }}/x509/ca.pem" ca_key_path="{{ credentials_dir }}/x509/ca_private_key.pem"
+      local_action: x509_ca ca_subject="{{ x509_ca_subject | default('CN=Service CA') }}" ca_cert_path="{{ credentials_dir }}/x509/ca.pem" ca_key_path="{{ credentials_dir }}/x509/ca_private_key.pem"
-- 
GitLab