Package: ssl-cert Version: 1.1.2 Severity: normal X-Debbugs-Cc: martin-eric.rac...@iki.fi
In its current form, 'make-ssl-cert --force-overwrite generate-default-snakeoil' generates a KEY and PEM pair for 'hostname'. This produces an invalid certificate if the HTTP server is running on an interface other than the default one. It would therefore be desirable to specify '--hostname foo' to generate the certificate for the correct FQDN. Thanks! Martin-Éric -- System Information: Debian Release: 12.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-28-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=fi_FI.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8), LANGUAGE=fi:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ssl-cert depends on: ii adduser 3.134 ii debconf [debconf-2.0] 1.5.82 ii openssl 3.0.15-1~deb12u1 ssl-cert recommends no packages. ssl-cert suggests no packages. -- debconf information: make-ssl-cert/altname: make-ssl-cert/hostname: localhost make-ssl-cert/title: make-ssl-cert/vulnerable_prng:
