do not include random cruft in the common name of smtp client certificates

2 files changed, 9 insertions, 3 deletions

diff --git a/app/controllers/v1/smtp_certs_controller.rb b/app/controllers/v1/smtp_certs_controller.rb
index fa53b26..75f524c 100644
--- a/app/controllers/v1/smtp_certs_controller.rb
+++ b/app/controllers/v1/smtp_certs_controller.rb
@@ -6,7 +6,7 @@ class V1::SmtpCertsController < ApiController
 
   # POST /1/smtp_cert
   def create
-    @cert = ClientCertificate.new prefix: current_user.email_address
+    @cert = ClientCertificate.new common_name: current_user.email_address
     @identity.register_cert(@cert)
     @identity.save
     render text: @cert.to_s, content_type: 'text/plain'
diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb
index 688d5c0..1716365 100644
--- a/app/models/client_certificate.rb
+++ b/app/models/client_certificate.rb
@@ -21,7 +21,13 @@ class ClientCertificate
     cert = CertificateAuthority::Certificate.new
 
     # set subject
-    cert.subject.common_name = common_name(options[:prefix])
+    if options[:prefix]
+      cert.subject.common_name = common_name_with_prefix(options[:prefix])
+    elsif options[:common_name]
+      cert.subject.common_name = options[:common_name]
+    else
+      raise ArgumentError.new
+    end
 
     # set expiration
     cert.not_before = last_month
@@ -77,7 +83,7 @@ class ClientCertificate
     Digest::MD5.hexdigest("#{rand(10**10)} -- #{Time.now}").to_i(16)
   end
 
-  def common_name(prefix = nil)
+  def common_name_with_prefix(prefix = nil)
     [prefix, random_common_name].join
   end