We're updating the issue view to help you get more done. 

CSRs generated by ssl-signing-request.jsp do not have metatata

Description

When a CSR is created through the Server Certificates interface in the admin console, and the issuer information is updated the only information the CSR will contain is the CN.

Environment

None

Acceptance Test - Entry

  1. Create new CSR in openfire server certificates page

  2. Update issuer information

  3. Verify that issuer information is in generated CSR

Activity

Show:
Gaston Dombiak
November 29, 2007, 8:00 AM

Openfire is currently placing the issuer information in the issuerDN and just the XMPP domain in the subjectDN and the subjectAltNames like in the following example:

IssuerDN: CN=Name,OU=OU,O=O,L=city,ST=State,C=cc
SubjectDN: CN=test
Extensions:
critical(false) 2.5.29.17 value = DER Sequence
Tagged [0] IMPLICIT
DER Sequence
ObjectIdentifier(1.3.6.1.5.5.7.8.5)
Tagged [0]
UTF8String(*.test)

I'm trying to figure out if our interpretation of the specs was correct and if most CAs will be happy with our CSR.

Assignee

Gaston Dombiak

Reporter

chase caster

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Major
Configure