Add Localhost to Subject Alternative Name of Self-Signed SSL Certificate of vFunction Server to run Static Analysis on the same Linux VM
Overview of the Issue
This issue occurs in the following circumstances:
- An organization installs Docker on a Linux VM for the vFunction Server
- The organization creates a self-signed certificate to ensure that vFunction Server traffic communicates over HTTPS
- The organization installs the Static Agent (Viper) on the same Linux VM using the SSL Certificate’s Common Name as the installation.yaml’s controller.host, such as https://172.31.15.15
- Unexpectedly, the vFunction Server UI displays, “NA” for the Total Classes, per-domain Static Classes and Dead Classes
Solution
The following steps can be used to resolve this issue:
- Create a new SSL Certificate and Key
### The sample below can be used for a Root / Sudo Installation
### Modify the values in lines 4 & 5 of this text field to be relevant for the organization
openssl req -x509 -newkey rsa:4096 -sha256 -nodes \
-keyout /etc/sysconfig/vfunction/nginx/certs/server.key \
-out /etc/sysconfig/vfunction/nginx/certs/server.crt \
-days 730 \
-subj "/C=US/ST=State/L=City/O=Org/OU=Com/CN=ip.address.of.server" \
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
- Run the vFunction Server Upgrade
### The sample below can be used for a Root / Sudo Installation
bash /opt/vfunction/server-installation/upgrade.sh
- Modify the vFunction Static Agent (Viper) Instance’s /etc/sysconfig/vfunction/installation/instances/$VIPERINST/installation.yaml
controller:
host: https://127.0.0.1
- Run the vFunction Static Agent Upgrade
bash /opt/vfunction/controller-installation/upgrade.sh -i $VIPERINST