fixes

Venafi · May 9, 2024 · 57b4086 · 57b4086
1 parent 45381e2
commit 57b4086
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/config/general-config.yaml b/config/general-config.yaml
@@ -1,11 +1,11 @@
 bootstrap:
   selfSigned:
     csr:
-      commonName: Demo
+      commonName: Firefly Playground
       privateKey:
-        algorithm: ECDSA
-        size: 256
-      duration: 8760h # one year
+        algorithm: EC
+        size: P256
+      duration: PT8760H # one year
     trustRootDirectory: /etc/firefly/trust
 signer:
   inMemory: true
@@ -25,10 +25,10 @@ server:
         urls:
         - http://jwt-this.example:8000/.well-known/jwks.json
   authorization:
-    configuration: Basic Demo
+    configuration: Firefly Playground
 
 policies:
-- name: Basic Demo
+- name: Firefly Playground
   keyUsages:
   - digitalSignature
   - keyEncipherment

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -2,7 +2,7 @@ services:
   elevate-1:
     image: "3goats/elevate:buildx-latest"
     #image: "3goats/elevate" 
-    command: add --api-key ${TLSPC_API_KEY} -f /config/general-config.yaml --force -p firefly-playground -t firefly-playground
+    command: add --api-key ${TLSPC_API_KEY} -f /config/general-config.yaml --force -p Firefly Playground -t Firefly Playground
     volumes:
       - ./config:/config
     profiles:

diff --git a/nginx-conf/entrypoint/getcert.sh b/nginx-conf/entrypoint/getcert.sh
@@ -1,10 +1,10 @@
 #!/bin/sh
 if [ "$1" = "reload"  ]; then 
     echo "Requesting certificate with NGINX reload"
-    $vcert enroll --platform firefly -u https://firefly.venafi.example:8281 -t $token --no-prompt --insecure --cn www.5goats.cafe  --san-dns www.5goats.cafe -z "Basic Demo" --key-file /certs/privkey.pem --cert-file /certs/fullchain.pem
+    $vcert enroll --platform firefly -u https://firefly.venafi.example:8281 -t $token --insecure --cn www.5goats.cafe  --san-dns www.5goats.cafe -z "Firefly Playground" --key-file /certs/privkey.pem --cert-file /certs/fullchain.pem --no-prompt
     nginx -s reload
     else
   echo "Requesting certificate without NGINX reload"
-  $vcert enroll --platform firefly -u https://firefly.venafi.example:8281 -t $token --no-prompt --insecure --cn www.5goats.cafe  --san-dns www.5goats.cafe -z "Basic Demo" --key-file /certs/privkey.pem --cert-file /certs/fullchain.pem
+  $vcert enroll --platform firefly -u https://firefly.venafi.example:8281 -t $token --insecure --cn www.5goats.cafe  --san-dns www.5goats.cafe -z "Firefly Playground" --key-file /certs/privkey.pem --cert-file /certs/fullchain.pem --no-prompt
 fi