From 85e35335fb0db0142f2a71589b44debf7e450fa2 Mon Sep 17 00:00:00 2001
From: hari <haripk@juniper.net>
Date: Wed, 15 Jul 2015 16:26:08 +0530
Subject: [PATCH] Make SSL certificate for TOR-Agent valid for 10 year period.

Change-Id: I3ac1cf1673f8697fdabf006bf06b9e2ffdb2b551
closes-bug: 1474803
---
 fabfile/tasks/provision.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fabfile/tasks/provision.py b/fabfile/tasks/provision.py
index c0a6257ea..941cd0bec 100644
--- a/fabfile/tasks/provision.py
+++ b/fabfile/tasks/provision.py
@@ -1876,8 +1876,9 @@ def add_tor_agent_by_index(index, node_info, restart=True):
                     ssl_files_copied_from_standby = True
             # Generate files if we didn't copy from standby
             if not ssl_files_copied_from_standby:
-                ssl_cmd = "openssl req -new -x509 -sha256 -newkey rsa:4096 -nodes -subj \"/C=US/ST=Global/L="
-                ssl_cmd += tor_name + "/O=" + tor_vendor_name + "/CN=" + domain_name + "\""
+                ssl_cmd = "openssl req -new -x509 -days 3650 -text -sha256"
+                ssl_cmd += " -newkey rsa:4096 -nodes -subj \"/C=US/ST=Global/O="
+                ssl_cmd += + tor_vendor_name + "/CN=" + domain_name + "\""
                 ssl_cmd += " -keyout " + privkey_file + " -out " + cert_file
                 sudo(ssl_cmd)