Fix certs so peering succeeds

gen_conf.sh

@@ -9,6 +9,9 @@ new_certs_dir = resources/useless_openssl_data/
 database = resources/useless_openssl_data/db
 policy = policy_anything
 serial = resources/useless_openssl_data/serial
+copy_extensions = copy
+email_in_dn = no
+rand_serial = no
 
 [ policy_anything ]
 countryName		        = optional
@@ -18,13 +21,18 @@ organizationName	    = optional
 organizationalUnitName	= optional
 commonName		        = supplied
 emailAddress		    = optional
+
+[ usr_cert ]
+subjectAltName=subject:copy
 EOF
 
+rm -f resources/useless_openssl_data/db
 touch resources/useless_openssl_data/db
 echo 01 > resources/useless_openssl_data/serial
 
 # Generate CA
 openssl req -x509 -nodes -newkey rsa:2048 -batch \
+    -subj "/CN=Test CA" \
     -outform PEM -out resources/config/ca_cert.pem \
     -keyout resources/ca_cert.key
 
@@ -32,8 +40,9 @@ for server in $*; do
     openssl genrsa -traditional \
         -out resources/config/server_$server.key \
         2048
-    openssl req -nodes -batch \
-        -in resources/config/server_$server.key \
+    openssl req -nodes -batch -new \
+        -addext "subjectAltName = DNS:$server" \
+        -key resources/config/server_$server.key \
         -outform PEM -out resources/server_$server.req
     openssl ca -config resources/openssl.cnf -days 3650 -md sha512 -batch \
         -subj /CN=$server \

src/jable/db.clj

@@ -26,12 +26,12 @@
 
 (defn fingerprint
   [node]
-  (slurp (str "resources/server_" node ".pem.sha1")))
+  (str/trim (slurp (str "resources/server_" node ".pem.sha1"))))
 
 (defn network_conf
   [nodes]
   {
-    :fanout 1
+    :fanout 2
     :ca_file "/usr/local/etc/sable/ca_cert.pem"
 
     :peers (map (fn [node] {:name node