Skip to content

Commit

Permalink
Fix bug where Edge CA is always self-signed (Azure#5644)
Browse files Browse the repository at this point in the history
Accidentally passed handle of Edge CA as its own issuer, which caused aziot-certd to always issue it as self-signed. Change to None so aziot-certd checks cert_issuance options instead.
  • Loading branch information
gordonwang0 authored Oct 7, 2021
1 parent ea00f6c commit 4e7a5bb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion edgelet/edgelet-http-workload/src/module/cert/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -274,7 +274,7 @@ pub(crate) async fn check_edge_ca(
.map_err(|_| edgelet_http::error::server_error("failed to generate edge ca csr"))?;

cert_client
.create_cert(edge_ca_cert, &csr, Some((edge_ca_cert, key_handle)))
.create_cert(edge_ca_cert, &csr, None)
.await
.map_err(|_| edgelet_http::error::server_error("failed to create edge ca cert"))?;

Expand Down

0 comments on commit 4e7a5bb

Please sign in to comment.