From c00da2009e343f08182de6ef9bd95bb8f94c0ec9 Mon Sep 17 00:00:00 2001
From: Henry Avetisyan <hga@verizonmedia.com>
Date: Thu, 11 Nov 2021 20:32:03 -0800
Subject: [PATCH] use country/org config values in csr

Signed-off-by: Henry Avetisyan <hga@verizonmedia.com>
---
 provider/aws/sia-eks/authn.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/provider/aws/sia-eks/authn.go b/provider/aws/sia-eks/authn.go
index 86155c7f004..4b0f1ef0ede 100644
--- a/provider/aws/sia-eks/authn.go
+++ b/provider/aws/sia-eks/authn.go
@@ -129,7 +129,7 @@ func GetRoleCertificate(ztsUrl, svcKeyFile, svcCertFile string, opts *options.Op
 
 		certFilePem := util.GetRoleCertFileName(opts.CertDir, role.Filename, roleName)
 
-		csr, err := util.GenerateRoleCertCSR(key, "US", "", opts.Domain, opts.Services[0].Name, roleName, opts.TaskId, provider, opts.ZTSAWSDomains[0])
+		csr, err := util.GenerateRoleCertCSR(key, opts.CertCountryName, opts.CertOrgName, opts.Domain, opts.Services[0].Name, roleName, opts.TaskId, provider, opts.ZTSAWSDomains[0])
 		if err != nil {
 			logutil.LogInfo(sysLogger, "unable to generate CSR for %s, err: %v\n", roleName, err)
 			failures += 1
@@ -210,7 +210,7 @@ func registerSvc(svc options.Service, data *attestation.AttestationData, ztsUrl
 	}
 
 	provider := getProviderName(opts.ProviderDomain, opts.Region)
-	csr, err := util.GenerateSvcCertCSR(key, "US", "Oath Inc.", opts.Domain, svc.Name, data.Role, opts.TaskId, provider, opts.ZTSAWSDomains, opts.SanDnsWildcard)
+	csr, err := util.GenerateSvcCertCSR(key, opts.CertCountryName, opts.CertOrgName, opts.Domain, svc.Name, data.Role, opts.TaskId, provider, opts.ZTSAWSDomains, opts.SanDnsWildcard)
 	if err != nil {
 		return err
 	}
@@ -280,7 +280,7 @@ func refreshSvc(svc options.Service, data *attestation.AttestationData, ztsUrl s
 		return err
 	}
 
-	csr, err := util.GenerateSvcCertCSR(key, "US", "Oath Inc.", opts.Domain, svc.Name, data.Role, opts.TaskId, provider, opts.ZTSAWSDomains, opts.SanDnsWildcard)
+	csr, err := util.GenerateSvcCertCSR(key, opts.CertCountryName, opts.CertOrgName, opts.Domain, svc.Name, data.Role, opts.TaskId, provider, opts.ZTSAWSDomains, opts.SanDnsWildcard)
 	if err != nil {
 		logutil.LogInfo(sysLogger, "Unable to generate CSR for %s, err: %v\n", opts.Name, err)
 		return err