Skip to content

Purpose of the HOSTNAME argument in the cfssl selfsign command #1404

Open
Open
Purpose of the HOSTNAME argument in the cfssl selfsign command#1404
@borjapazr

Description

@borjapazr
borjapazr
opened on Dec 17, 2024

Hi! 👋

What is the purpose of the HOSTNAME argument of the cfssl selfsign command?

~ ❯ cfssl selfsign --help
	cfssl selfsign -- generate a new self-signed key and signed certificate

Usage of gencert:
        cfssl selfsign HOSTNAME CSRJSON

WARNING: this should ONLY be used for testing. This should never be
used in production.

WARNING: self-signed certificates are insecure; they do not provide
the authentication required for secure systems. Use these at your own
risk.

Arguments:
        HOSTNAME:   Hostname for the cert
        CSRJSON:    JSON file containing the request, use '-' for reading JSON from stdin

Flags:
  -config="": path to configuration file
  -loglevel=1: Log level (0 = DEBUG, 5 = FATAL)

In the help of this command it appears as a mandatory argument before CSRJSON, but checking the created certificate I don't see that it affects it at all. I have been reviewing the source code for this particular command and I don't see anything done with the HOSTNAMEparameter. Why is it necessary to specify it in the command?

Thank you very much!

Best regards

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions