feat(lib): disable Common Name by default (#2802)

certificate/certificates.go

@@ -126,7 +126,7 @@ type CertifierOptions struct {
 	KeyType             certcrypto.KeyType
 	Timeout             time.Duration
 	OverallRequestLimit int
-	DisableCommonName   bool
+	EnableCommonName    bool
 }
 
 // Certifier A service to obtain/renew/revoke certificates.
@@ -305,7 +305,7 @@ func (c *Certifier) getForOrder(ctx context.Context, domains []string, order acm
 	}
 
 	commonName := ""
-	if len(domains[0]) <= 64 && !c.options.DisableCommonName {
+	if len(domains[0]) <= 64 && c.options.EnableCommonName {
 		commonName = domains[0]
 	}
 

cmd/setup.go

@@ -54,7 +54,7 @@ func newClient(ctx *cli.Context, acc registration.User, keyType certcrypto.KeyTy
 		KeyType:             keyType,
 		Timeout:             time.Duration(ctx.Int(flgCertTimeout)) * time.Second,
 		OverallRequestLimit: ctx.Int(flgOverallRequestLimit),
-		DisableCommonName:   ctx.Bool(flgDisableCommonName),
+		EnableCommonName:    !ctx.Bool(flgDisableCommonName),
 	}
 	config.UserAgent = getUserAgent(ctx)
 

lego/client.go

@@ -58,7 +58,7 @@ func NewClient(config *Config) (*Client, error) {
 		KeyType:             config.Certificate.KeyType,
 		Timeout:             config.Certificate.Timeout,
 		OverallRequestLimit: config.Certificate.OverallRequestLimit,
-		DisableCommonName:   config.Certificate.DisableCommonName,
+		EnableCommonName:    config.Certificate.EnableCommonName,
 	}
 
 	certifier := certificate.NewCertifier(core, prober, options)

lego/client_config.go

@@ -64,7 +64,7 @@ type CertificateConfig struct {
 	KeyType             certcrypto.KeyType
 	Timeout             time.Duration
 	OverallRequestLimit int
-	DisableCommonName   bool
+	EnableCommonName    bool
 }
 
 // createDefaultHTTPClient Creates an HTTP client with a reasonable timeout value