Skip to content

Commit

Permalink
critical in nameConstraints lost after last refactoring
Browse files Browse the repository at this point in the history
  • Loading branch information
@jackivanov
jackivanov authored Jan 21, 2020
1 parent c5cfe92 commit 9317054
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion roles/strongswan/defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@ subjectAltName: >-
{%- if ipv6_support -%},IP:{{ ansible_default_ipv6['address'] }}{%- endif -%}
subjectAltName_USER: "email:{{ item }}@{{ openssl_constraint_random_id }}"
nameConstraints: >-
permitted;{{ subjectAltName_type }}:{{ IP_subject_alt_name }}{{- '/255.255.255.255' if subjectAltName_type == 'IP' else '' -}}
critical
,permitted;{{ subjectAltName_type }}:{{ IP_subject_alt_name }}{{- '/255.255.255.255' if subjectAltName_type == 'IP' else '' -}}
{%- if subjectAltName_type == 'IP' -%}
,permitted;DNS:{{ openssl_constraint_random_id }}
{%- else -%}
Expand Down

0 comments on commit 9317054

Please sign in to comment.