Internal root sort of working, but only sort of. It's skipping the

worker CA and going straight from the root to certifying children,
which is wrong.  However...this is far enough along that we can now
remove all the rootd glorp, which is a worthwhile simplification in
its own right, so checkpoint here, remove rootd glorp, then figure out
what's wrong with the internal certificate hierarchy.

rcynic does validate the current output, given a manually constructed
TAL, even if the current output isn't quite what it should be.  So we
should also be able to sort out the new TAL generation code now.

Yes, checking in a version that works for the wrong reasons is weird,
but the current sort-of-broken state lets us confirm that the lower
levels of the tree are still correct as we go, which would be much
harder if the poor thing just sat there and whimpered until we had
the new internal CA code completely finished.

svn path=/branches/tk705/; revision=6376

1 files changed, 3 insertions, 3 deletions

diff --git a/rp/config/rpki-generate-root-certificate b/rp/config/rpki-generate-root-certificate
index d4ee08fd..10b8b194 100755
--- a/rp/config/rpki-generate-root-certificate
+++ b/rp/config/rpki-generate-root-certificate
@@ -37,9 +37,9 @@ cfg.argparser.add_argument("--tal",         help = "TAL file",         default =
 args = cfg.argparser.parse_args()
 
 resources = rpki.resource_set.resource_bag(
-  asn = rpki.resource_set.resource_set_as(args.asns),
-  v4  = rpki.resource_set.resource_set_ipv4(args.ipv4),
-  v6  = rpki.resource_set.resource_set_ipv6(args.ipv6))
+  asn = args.asns,
+  v4  = args.ipv4,
+  v6  = args.ipv6)
 
 keypair = rpki.x509.RSA.generate(quiet = True)