From d30cd4f2ca5e3b5b22ddcb8d55ce6c18f5ab95e5 Mon Sep 17 00:00:00 2001
From: klention <klention@gmail.com>
Date: Tue, 24 Dec 2024 16:22:30 +0100
Subject: [PATCH] Added subject to the TLS certificate signing request

---
 automation/roles/tls_certificate/generate/tasks/main.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/automation/roles/tls_certificate/generate/tasks/main.yml b/automation/roles/tls_certificate/generate/tasks/main.yml
index 06a3d58e7..9f869d81c 100644
--- a/automation/roles/tls_certificate/generate/tasks/main.yml
+++ b/automation/roles/tls_certificate/generate/tasks/main.yml
@@ -80,7 +80,7 @@
     - name: "Create server CSR"
       community.crypto.openssl_csr_pipe:
         privatekey_path: "/etc/tls/server.key"
-        common_name: postgresql.cluster
+        common_name: "{{ patroni_cluster_name }}"
         key_usage:
           - digitalSignature
           - keyEncipherment
@@ -88,6 +88,10 @@
         extended_key_usage:
           - clientAuth
           - serverAuth
+        subject:
+          C: "AL"
+          O: "autobase"
+          CN: "{{ patroni_cluster_name }}"
         subject_alt_name: "{{ subject_alt_name }}"
       register: csr