From d144f9fac7d5d41096acf6e313a5b006626224d2 Mon Sep 17 00:00:00 2001
From: hari <haripk@juniper.net>
Date: Wed, 15 Jul 2015 16:44:44 +0530
Subject: [PATCH] Make SSL certificate for TOR-Agent valid for 10 year period.

Change-Id: I325f9c35606b74a647b12645c75a21db1f0e801a
closes-bug: 1474803
---
 fabfile/tasks/provision.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fabfile/tasks/provision.py b/fabfile/tasks/provision.py
index 43a5b1549..ac236e060 100644
--- a/fabfile/tasks/provision.py
+++ b/fabfile/tasks/provision.py
@@ -1868,8 +1868,9 @@ def add_tor_agent_by_index(index, node_info, restart=True):
                     ssl_files_copied_from_standby = True
             # Generate files if we didn't copy from standby
             if not ssl_files_copied_from_standby:
-                ssl_cmd = "openssl req -new -x509 -sha256 -newkey rsa:4096 -nodes -subj \"/C=US/ST=Global/L="
-                ssl_cmd += tor_name + "/O=" + tor_vendor_name + "/CN=" + domain_name + "\""
+                ssl_cmd = "openssl req -new -x509 -days 3650 -text -sha256"
+                ssl_cmd += " -newkey rsa:4096 -nodes -subj \"/C=US/ST=Global/O="
+                ssl_cmd += + tor_vendor_name + "/CN=" + domain_name + "\""
                 ssl_cmd += " -keyout " + privkey_file + " -out " + cert_file
                 sudo(ssl_cmd)