X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=prosodyctl;h=247b099a94f73a30109a7139e45103a9fe32332f;hb=8785dcd4bd1ee99ad5653c0deea83e9730c06400;hp=06590d1cca64fa2cb946cb04675b5c2855d0f677;hpb=a250fef0d85ce72abc910f7ccf53e2830358990f;p=prosody.git

diff --git a/prosodyctl b/prosodyctl
index 06590d1c..247b099a 100755
--- a/prosodyctl
+++ b/prosodyctl
@@ -662,19 +662,27 @@ function cert_commands.config(arg)
 		conf:from_prosody(hosts, config, arg);
 		show_message("Please provide details to include in the certificate config file.");
 		show_message("Leave the field empty to use the default value or '.' to exclude the field.")
-		for k, v in pairs(conf.distinguished_name) do
-			local nv;
-			if k == "commonName" then 
-				v = arg[1]
-			elseif k == "emailAddress" then
-				v = "xmpp@" .. arg[1];
-			end
-			nv = show_prompt(("%s (%s):"):format(k, nv or v));
-			nv = (not nv or nv == "") and v or nv;
-			if nv:find"[\192-\252][\128-\191]+" then
-				conf.req.string_mask = "utf8only"
+		for i, k in ipairs(openssl._DN_order) do
+			local v = conf.distinguished_name[k];
+			if v then
+				local nv;
+				if k == "commonName" then
+					v = arg[1]
+				elseif k == "emailAddress" then
+					v = "xmpp@" .. arg[1];
+				elseif k == "countryName" then
+					local tld = arg[1]:match"%.([a-z]+)$";
+					if tld and #tld == 2 and tld ~= "uk" then
+						v = tld:upper();
+					end
+				end
+				nv = show_prompt(("%s (%s):"):format(k, nv or v));
+				nv = (not nv or nv == "") and v or nv;
+				if nv:find"[\192-\252][\128-\191]+" then
+					conf.req.string_mask = "utf8only"
+				end
+				conf.distinguished_name[k] = nv ~= "." and nv or nil;
 			end
-			conf.distinguished_name[k] = nv ~= "." and nv or nil;
 		end
 		local conf_file = io.open(conf_filename, "w");
 		conf_file:write(conf:serialize());