Zi Lin
Zi Lin
Thanks for the feedback. Yes the indexing of the certificate in the db may need some work to get it more robust against different way of encoding. I will investigate...
apology here. I am busy with other tasks. I will catch up when I have time.
The "authority_key_id": "12345678901234567890123456789000" is real? The value is supposed to be the "subject key identifier" from the CA certificate.
@chaica would you use "36cbd9a8cd1db45be7ddfeef55586cc5df00517", notice that ":5" needs to be "0x05".
It's actually possible to use cfssl/csr package to generate a CSR with a subject containing multiple OUs. Here is an example `csr_test.json`: `{ "key": { "algo": "ecdsa", "size": 256 },...
you are right, we can generate a PEM-encoded CSR which has multiple OUs, but when we trying to parse that CSR into go structure, we only get the first OU...
ok, if that's your json file, it is malformed. look at line 4, use `jq` to check.
I can't reproduce, are you using the tip of cfssl? Build cfssl from current master and try again.
`cfssl sign -ca ca.pem -ca-key ca-key.pem -profile intermediate -config config.json intermediate.csr -loglevel=0` paste the output
We can't reproduce. You can literally locate the error message to one line of code. If you find the problem, patches are welcomed.