fix(pkg/tls): correct server cert signing

leogr · poiana · commit 037c95107454 · 2019-12-20T18:26:42.000+01:00
Signed-off-by: Leonardo Grasso &lt;me@leonardograsso.com&gt;
diff --git a/pkg/tls/generator.go b/pkg/tls/generator.go
@@ -137,14 +137,15 @@ func (g *GRPCTLSGenerator) Generate() error {
 		Organization: g.Organization,
 		CommonName:   g.CommonName,
 	}
-	serverCert, err := openssl.NewCertificate(serverCASigningInfo, caKey)
+	serverCert, err := openssl.NewCertificate(serverCASigningInfo, serverKey)
 	if err != nil {
 		return fmt.Errorf("unable to create new server cert: %v", err)
 	}
 	serverCert.SetIssuer(caCert)
-	err = caCert.Sign(caKey, openssl.EVP_SHA256)
+
+	err = serverCert.Sign(serverKey, openssl.EVP_SHA256)
 	if err != nil {
-		return fmt.Errorf("unable to sign caCert: %v", err)
+		return fmt.Errorf("unable to sign serverCert: %v", err)
 	}
 	err = serverCert.Sign(caKey, openssl.EVP_SHA256)
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -137,14 +137,15 @@ func (g *GRPCTLSGenerator) Generate() error {`
`137`	`137`	`Organization: g.Organization,`
`138`	`138`	`CommonName: g.CommonName,`
`139`	`139`	`}`
`140`		`- serverCert, err := openssl.NewCertificate(serverCASigningInfo, caKey)`
	`140`	`+ serverCert, err := openssl.NewCertificate(serverCASigningInfo, serverKey)`
`141`	`141`	`if err != nil {`
`142`	`142`	`return fmt.Errorf("unable to create new server cert: %v", err)`
`143`	`143`	`}`
`144`	`144`	`serverCert.SetIssuer(caCert)`
`145`		`- err = caCert.Sign(caKey, openssl.EVP_SHA256)`
	`145`	`+`
	`146`	`+ err = serverCert.Sign(serverKey, openssl.EVP_SHA256)`
`146`	`147`	`if err != nil {`
`147`		`- return fmt.Errorf("unable to sign caCert: %v", err)`
	`148`	`+ return fmt.Errorf("unable to sign serverCert: %v", err)`
`148`	`149`	`}`
`149`	`150`	`err = serverCert.Sign(caKey, openssl.EVP_SHA256)`
`150`	`151`	`if err != nil {`