From 649b20659b02f0adc2595692ffa2854b19871f8c Mon Sep 17 00:00:00 2001 From: Adnan Maolood Date: Thu, 4 Mar 2021 20:04:46 -0500 Subject: [PATCH] Revert "certificate: Remove Subject from CreateOptions" This reverts commit ce649ecc66ba390a5e9f95c027a15030f90c3b36. --- certificate/create.go | 9 +++++++++ certificate/store.go | 4 ++++ examples/cert.go | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/certificate/create.go b/certificate/create.go index 7bcb13b..2d00ded 100644 --- a/certificate/create.go +++ b/certificate/create.go @@ -9,6 +9,7 @@ import ( "crypto/rand" "crypto/tls" "crypto/x509" + "crypto/x509/pkix" "encoding/pem" "math/big" "net" @@ -27,6 +28,13 @@ type CreateOptions struct { // Should contain the IP addresses that the certificate is valid for. IPAddresses []net.IP + // Subject specifies the certificate Subject. + // + // Subject.CommonName can contain the DNS name that this certificate + // is valid for. Server certificates should specify both a Subject + // and a Subject Alternate Name. + Subject pkix.Name + // Duration specifies the amount of time that the certificate is valid for. Duration time.Duration @@ -92,6 +100,7 @@ func newX509KeyPair(options CreateOptions) (*x509.Certificate, crypto.PrivateKey BasicConstraintsValid: true, IPAddresses: options.IPAddresses, DNSNames: options.DNSNames, + Subject: options.Subject, } crt, err := x509.CreateCertificate(rand.Reader, &template, &template, pub, priv) diff --git a/certificate/store.go b/certificate/store.go index 067dfcc..83e4ffe 100644 --- a/certificate/store.go +++ b/certificate/store.go @@ -3,6 +3,7 @@ package certificate import ( "crypto/tls" "crypto/x509" + "crypto/x509/pkix" "errors" "fmt" "io/fs" @@ -169,6 +170,9 @@ func (s *Store) createCertificate(scope string) (tls.Certificate, error) { } return Create(CreateOptions{ DNSNames: []string{scope}, + Subject: pkix.Name{ + CommonName: scope, + }, Duration: 250 * 365 * 24 * time.Hour, }) } 
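Review bot: The restored doc comment on `Subject` in `CreateOptions` says CommonName "can contain the DNS name that this certificate is valid for", which reads as if the CN takes part in host name validation. Go's crypto/x509 verifier has ignored CommonName for host matching since Go 1.15 and consults only the SAN entries (`DNSNames`, `IPAddresses`), so a caller who fills in `Subject` alone gets a certificate that such verifiers will not match to any host. I would reword the comment along the lines of `// Subject.CommonName is informational only; host name verification uses DNSNames and IPAddresses.` and spell the extension "Subject Alternative Name", the RFC 5280 term. The struct declaration starts above this hunk and continues below it.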
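Review bot: `CommonName: scope` in `createCertificate` copies the scope into the subject with no length or shape check visible in this hunk. RFC 5280 caps CommonName at 64 characters while a DNS name can run to 253, so a long scope would produce a certificate that stricter X.509 parsers may refuse even though the `DNSNames` entry is valid. Since the SAN already carries the name, the CN could be set only when it fits, e.g. `if len(scope) <= 64 { opts.Subject.CommonName = scope }`, or the limit could be documented on `CreateOptions.Subject`. The same pattern appears in `examples/cert.go` with `CommonName: host`; the function body starts above this hunk, so how `scope` is validated beforehand is not visible here.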
diff --git a/examples/cert.go b/examples/cert.go index da07b3c..91a4be0 100644 --- a/examples/cert.go +++ b/examples/cert.go @@ -5,6 +5,7 @@ package main import ( + "crypto/x509/pkix" "fmt" "log" "os" @@ -24,6 +25,9 @@ func main() { log.Fatal(err) } options := certificate.CreateOptions{ + Subject: pkix.Name{ + CommonName: host, + }, DNSNames: []string{host}, Duration: duration, }