OpenCHAMI · synackd · Jul 16, 2025 · Jul 10, 2025 · Jul 11, 2025 · Jul 11, 2025
diff --git a/scripts/bootstrap_openchami.sh b/scripts/bootstrap_openchami.sh
@@ -28,6 +28,7 @@ generate_environment_file() {
   local short_name=$(hostname -s)
   local dns_name=$(hostname -d)
   local system_fqdn=$(hostname)
+
   sed -i "s/^SYSTEM_NAME=.*/SYSTEM_NAME=${short_name}/" /etc/openchami/configs/openchami.env
   sed -i "s/^SYSTEM_DOMAIN=.*/SYSTEM_DOMAIN=${dns_name}/" /etc/openchami/configs/openchami.env
   sed -i "s/^SYSTEM_URL=.*/SYSTEM_URL=${system_fqdn}/" /etc/openchami/configs/openchami.env
@@ -40,10 +41,12 @@ generate_environment_file() {
 
 acme_correction() {
   local system_fqdn=$(hostname)
+  primary_ip=$(hostname -I | awk '{print $1}')
   sed -i "s|-d .* \\\\|-d ${system_fqdn} \\\\|" /etc/containers/systemd/acme-deploy.container
   sed -i "s/^ContainerName=.*/ContainerName=${system_fqdn}/" /etc/containers/systemd/acme-register.container
   sed -i "s/^HostName=.*/HostName=${system_fqdn}/" /etc/containers/systemd/acme-register.container
   sed -i "s|-d .* \\\\|-d ${system_fqdn} \\\\|" /etc/containers/systemd/acme-register.container
+  sed -i "s|--add-host='demo\.openchami\.cluster:[0-9\.]*'|--add-host='${system_fqdn}:${primary_ip}'|" /etc/containers/systemd/opaal.container
 }
 
 # Check and create secrets with random passwords if needed

diff --git a/scripts/openchami-certificate-update b/scripts/openchami-certificate-update
@@ -4,6 +4,7 @@ update_dns() {
     local system_fqdn=$1
     local short_name="${system_fqdn%%.*}" 
     local dns_name="${system_fqdn#*.}"
+    local primary_ip=$(hostname -I | awk '{print $1}')
 
     # Update names in environment and acme containers
     sed -i "s/^SYSTEM_NAME=.*/SYSTEM_NAME=${short_name}/" /etc/openchami/configs/openchami.env
@@ -18,15 +19,29 @@ update_dns() {
     sed -i "s/^ContainerName=.*/ContainerName=${system_fqdn}/" /etc/containers/systemd/acme-register.container
     sed -i "s/^HostName=.*/HostName=${system_fqdn}/" /etc/containers/systemd/acme-register.container
     sed -i "s|-d .* \\\\|-d ${system_fqdn} \\\\|" /etc/containers/systemd/acme-register.container
+    sed -i "s|--add-host='.*|--add-host='${system_fqdn}:${primary_ip}'|" /etc/containers/systemd/opaal.container
 
-    # Re-apply Certificates
-    systemctl restart acme-deploy
-    systemctl restart haproxy
+    # Reload systemD after .container changes
+    systemctl daemon-reload
+
+    echo "Changed FQDN to ${1}"
+    echo 'Either restart all of the OpenCHAMI services:'
+    echo
+    echo '  sudo systemctl restart openchami.target'
+    echo
+    echo 'or run the following to just regenerate/redeploy the certificates:'
+    echo
+    echo '  sudo systemctl restart acme-deploy'
+    echo
 }
 
 help_page() {
     echo "OpenCHAMI Certificate Update"
-    echo "Usage: $0 update (dns name) ex. demo.openchami.cluster"
+    echo "Update OpenCHAMI Certificates"
+    echo "Usage: $0 update FQDN"
+    echo
+    echo "EXAMPLES:"
+    echo "  $0 update demo.openchami.cluster"
 
 }
 case "$1" in 
@@ -43,7 +58,7 @@ case "$1" in
         fi
         ;;
     *)
-    help_page
-    exit 1
+        help_page
+        exit 1
     ;;
 esac