0000952: CSR not signed, pending forever: "Supported Key Types and Sizes"

ID	Project	Category	View Status	Date Submitted	Last Update

0000952	Main CAcert Website	certificate issuing	public	2011-06-15 07:59	2013-01-07 21:55

Reporter	edgarwahn	Assigned To	Uli60
Priority	normal	Severity	major	Reproducibility	have not tried
Status	needs work	Resolution	open
Platform	Main CAcert Website	OS	N/A	OS Version	stable

Summary	0000952: CSR not signed, pending forever: "Supported Key Types and Sizes"
Description	Submitted by Christopher Head <headch@gmail.com> <<<<<< Hi, Is there a list somewhere of what key types and sizes are supported by CACert? Whenever I've submitted 1024-bit RSA or DSA CSRs, they've been signed almost instantly. I submitted a 3072-bit DSA CSR for a client certificate quite a while ago (> 1 hour), and it's still pending! Are 3072-bit DSA keys not supported? What about ECDSA, were I to choose to create such a key? It seems that just leaving the certificate listed as "Pending" forever is a rather misleading way of reporting that the key format is unsupported. Thanks! Chris >>>>> I'm just now querying more details from him to make the problem reproducable.
Tags	No tags attached.

Reviewed by
Test Instructions

Date Modified	Username	Field	Change
2011-06-15 07:59	edgarwahn	New Issue
2011-06-15 07:59	edgarwahn	Status	new => needs work
2011-06-15 07:59	edgarwahn	Assigned To	=> edgarwahn
2011-06-16 11:38	edgarwahn	Note Added: 0002048
2011-06-16 11:39	edgarwahn	Assigned To	edgarwahn => Uli60
2013-01-07 21:55	Werner Dworak	Relationship added	related to 0001101

edgarwahn 2011-06-16 11:38 developer ~0002048	Sent by Chris: I believe I used "openssl dsaparam 3072 > param.pem && openssl gendsa - -out key.pem param.pem && openssl req -new -out req.pem -key key.pem". I've attached the CSR (it's not exactly secret, after all). Chris