Commit 5191cfc4 authored by k8s-merge-robot's avatar k8s-merge-robot

Merge pull request #20931 from gswallow/master

Auto commit by PR queue bot
parents 8d80af4a 646c22e4
...@@ -39,7 +39,16 @@ if [ "$cert_ip" == "_use_gce_external_ip_" ]; then ...@@ -39,7 +39,16 @@ if [ "$cert_ip" == "_use_gce_external_ip_" ]; then
fi fi
if [ "$cert_ip" == "_use_aws_external_ip_" ]; then if [ "$cert_ip" == "_use_aws_external_ip_" ]; then
cert_ip=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) # If there's no public IP assigned (e.g. this host is running on an internal subnet in a VPC), then
# curl will happily spit out the contents of AWS's 404 page and an exit code of zero.
#
# The string containing the 404 page trips up one of easyrsa's calls to openssl later; whichever
# one creates the CA certificate, because the 404 page is > 64 characters.
if cert_ip=$(curl -f -s http://169.254.169.254/latest/meta-data/public-ipv4); then
:
else
cert_ip=$(curl -f -s http://169.254.169.254/latest/meta-data/local-ipv4)
fi
fi fi
sans="IP:${cert_ip}" sans="IP:${cert_ip}"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment