From 41ff80b4aeb20b762e5f64ebb2508496be8f04ba Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Wed, 14 Nov 2012 23:55:47 -0800
Subject: only generate cert of x509.user == true

---
 lib/leap_cli/commands/ca.rb | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lib/leap_cli/commands/ca.rb')

diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/ca.rb
index 59eb620..830b468 100644
--- a/lib/leap_cli/commands/ca.rb
+++ b/lib/leap_cli/commands/ca.rb
@@ -51,6 +51,8 @@ module LeapCli; module Commands
       assert_files_exist! :ca_cert, :ca_key, :msg => 'Run init-ca to create them'
       assert_config! 'provider.ca.server_certificates.bit_size'
       assert_config! 'provider.ca.server_certificates.life_span'
+      assert_config! 'common.x509.use'
+
       if args.first == 'all' || args.empty?
         manager.each_node do |node|
           if cert_needs_updating?(node)
@@ -118,6 +120,8 @@ module LeapCli; module Commands
   end
 
   def generate_cert_for_node(node)
+    return if node.x509.use == false
+
     cert = CertificateAuthority::Certificate.new
 
     # set subject
-- 
cgit v1.2.3