View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000099 | Main CAcert Website | organisational section | public | 2005-11-29 05:12 | 2013-11-20 22:23 |
Reporter | homer | Assigned To | duane | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | duplicate | ||
Fixed in Version | 2006 | ||||
Summary | 0000099: Organisational Server Certs do not include Organisation pieces of Information | ||||
Description | I tested, in July, the organisation client certificates, they looked fine. But recently, the admin of Polyware reported there is no extra info in the server cert. After I've tested the "Polyware" account as org admin, I've tested today the "ISEANE" account, still no info. No matter if you add or not the org info in the CSR, if the domain name is valid, after you choose the certificate class (1 or 3), you insert the CSR block, then you click on "Submit", then the org info appear on the web page. After you've validated the whole thing you get the signed cert. Unfortunately, each time I've tested (4 or 5 times), the org server cert only contained the Domain Name (CN) | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
duplicate of | 0000084 | closed | Organisational web certs do not include any attributes besides CN |
|
test with evaldo's script the screen properly shows the page with the organisation's attributes [gr@gr Pauline 0/0]$ openssl req -in ../_csr.pem -text Certificate Request: Data: Version: 0 (0x0) Subject: CN=*.iseane.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:a2:6e:46:7f:43:0e:78:0d:93:4f:ff:8c:4b:78: 7f:8e:6a:9f:cd:b8:d7:48:cb:49:e6:e9:4a:f7:cd: 92:bd:26:a8:10:5e:bc:6d:cc:9d:f7:2a:b5:99:0f: 4c:cf:79:39:79:3c:0c:4e:ae:a8:82:8d:bf:3c:7e: 8e:f3:2b:6f:ca:42:af:31:25:6f:6d:70:f9:3a:87: 93:b9:26:2b:1e:d7:8b:cd:ac:99:7f:32:e7:24:58: 0e:84:66:72:e9:99:a6:e1:54:9c:63:34:e4:1a:4a: e2:f1:38:c8:e5:24:5d:46:3f:b3:f5:0f:d0:f2:65: f5:15:2b:44:bf:a1:80:97:84:e7:e0:68:74:db:f7: e4:f6:df:9f:50:08:f1:fe:29:9c:ef:19:8b:30:e5: a9:81:61:b9:f5:01:55:b7:c8:e3:fb:f5:4a:83:96: 12:20:21:79:a1:75:61:b8:32:dc:cb:ad:c9:50:39: 15:48:f3:61:98:32:96:64:84:62:d8:18:2e:08:24: 6c:b9:e0:b6:d9:c5:9e:0b:9f:85:79:2e:62:99:e5: 31:6c:c5:33:d9:0d:56:50:8a:22:7d:07:05:19:97: 56:62:c1:da:46:0d:6c:6f:6e:5b:b8:b2:02:50:69: 77:50:49:86:6b:0e:51:18:68:c5:f0:b9:ce:28:01: d9:ad Exponent: 65537 (0x10001) Attributes: Requested Extensions: X509v3 Subject Alternative Name: DNS:*.iseane.com Signature Algorithm: sha1WithRSAEncryption 89:fa:bf:ba:c0:5b:0e:d2:c1:b8:af:7b:e1:8f:82:b4:fc:c3: 7b:cc:c7:21:2b:91:4d:85:bb:e3:9a:37:2d:e3:de:d1:75:cd: 9b:61:b1:53:42:07:92:5a:ef:3e:97:0e:4a:28:fd:61:1a:a3: 67:9b:04:1b:0e:2a:2f:87:5c:ce:13:54:35:04:e5:42:c3:9d: 3d:80:0b:99:2d:c3:56:0e:d1:db:ba:0a:28:6e:7e:08:87:c3: 22:75:97:f8:06:5f:1d:1d:1c:52:85:24:d3:07:ed:28:53:00: 2a:05:3a:33:43:20:8f:9b:e4:87:d2:a7:37:8e:25:eb:e4:32: 96:0b:e9:10:f7:25:38:9c:c1:55:97:a0:14:b6:68:35:f5:33: 24:9b:b1:6e:d0:f0:0c:95:a8:b9:01:b7:05:52:5a:13:4a:56: 09:9c:fe:d9:65:af:84:41:28:fc:bf:5e:a3:cc:ea:19:6c:52: 31:11:3e:c8:55:7d:97:8e:0c:92:1a:f5:80:18:18:c6:fe:56: e9:f2:22:d2:5f:4f:a1:ef:97:7c:af:ad:7e:03:f6:da:89:ce: e2:ee:d3:c9:f8:ba:26:b4:9c:8c:35:29:76:70:cc:ce:b3:d1: a0:49:92:17:60:b6:ab:58:9a:49:82:81:a4:b2:fd:46:90:3c: ec:20:55:8a -----BEGIN CERTIFICATE REQUEST----- MIIChjCCAW4CAQAwFzEVMBMGA1UEAxQMKi5pc2VhbmUuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom5Gf0MOeA2TT/+MS3h/jmqfzbjXSMtJ5ulK 982SvSaoEF68bcyd9yq1mQ9Mz3k5eTwMTq6ogo2/PH6O8ytvykKvMSVvbXD5OoeT uSYrHteLzayZfzLnJFgOhGZy6Zmm4VScYzTkGkri8TjI5SRdRj+z9Q/Q8mX1FStE v6GAl4Tn4Gh02/fk9t+fUAjx/imc7xmLMOWpgWG59QFVt8jj+/VKg5YSICF5oXVh uDLcy63JUDkVSPNhmDKWZIRi2BguCCRsueC22cWeC5+FeS5imeUxbMUz2Q1WUIoi fQcFGZdWYsHaRg1sb25buLICUGl3UEmGaw5RGGjF8LnOKAHZrQIDAQABoCowKAYJ KoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggwqLmlzZWFuZS5jb20wDQYJKoZIhvcN AQEFBQADggEBAIn6v7rAWw7Swbive+GPgrT8w3vMxyErkU2Fu+OaNy3j3tF1zZth sVNCB5Ja7z6XDkoo/WEao2ebBBsOKi+HXM4TVDUE5ULDnT2AC5ktw1YO0du6Cihu fgiHwyJ1l/gGXx0dHFKFJNMH7ShTACoFOjNDII+b5IfSpzeOJevkMpYL6RD3JTic wVWXoBS2aDX1MySbsW7Q8AyVqLkBtwVSWhNKVgmc/tllr4RBKPy/XqPM6hlsUjER PshVfZeODJIa9YAYGMb+VunyItJfT6Hvl3yvrX4D9tqJzuLu08n4uia0nIw1KXZw zM6z0aBJkhdgtqtYmkmCgaSy/UaQPOwgVYo= -----END CERTIFICATE REQUEST----- [gr@gr Pauline 0/0]$ openssl x509 -in eva1.crt -text Certificate: Data: Version: 3 (0x2) Serial Number: 110482 (0x1af92) Signature Algorithm: sha1WithRSAEncryption Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org Validity Not Before: Nov 30 16:53:19 2005 GMT Not After : Nov 30 16:53:19 2007 GMT Subject: CN=*.iseane.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:a2:6e:46:7f:43:0e:78:0d:93:4f:ff:8c:4b:78: 7f:8e:6a:9f:cd:b8:d7:48:cb:49:e6:e9:4a:f7:cd: 92:bd:26:a8:10:5e:bc:6d:cc:9d:f7:2a:b5:99:0f: 4c:cf:79:39:79:3c:0c:4e:ae:a8:82:8d:bf:3c:7e: 8e:f3:2b:6f:ca:42:af:31:25:6f:6d:70:f9:3a:87: 93:b9:26:2b:1e:d7:8b:cd:ac:99:7f:32:e7:24:58: 0e:84:66:72:e9:99:a6:e1:54:9c:63:34:e4:1a:4a: e2:f1:38:c8:e5:24:5d:46:3f:b3:f5:0f:d0:f2:65: f5:15:2b:44:bf:a1:80:97:84:e7:e0:68:74:db:f7: e4:f6:df:9f:50:08:f1:fe:29:9c:ef:19:8b:30:e5: a9:81:61:b9:f5:01:55:b7:c8:e3:fb:f5:4a:83:96: 12:20:21:79:a1:75:61:b8:32:dc:cb:ad:c9:50:39: 15:48:f3:61:98:32:96:64:84:62:d8:18:2e:08:24: 6c:b9:e0:b6:d9:c5:9e:0b:9f:85:79:2e:62:99:e5: 31:6c:c5:33:d9:0d:56:50:8a:22:7d:07:05:19:97: 56:62:c1:da:46:0d:6c:6f:6e:5b:b8:b2:02:50:69: 77:50:49:86:6b:0e:51:18:68:c5:f0:b9:ce:28:01: d9:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Client Authentication, TLS Web Server Authentication, Netscape Server Gated Crypto, Microsoft Server Gated Crypto X509v3 Key Usage: Digital Signature, Key Encipherment Authority Information Access: OCSP - URI:http://ocsp.cacert.org X509v3 Subject Alternative Name: DNS:*.iseane.com Signature Algorithm: sha1WithRSAEncryption 4a:bb:d1:21:7b:9a:61:8f:b6:4e:21:8b:04:39:49:85:06:c2: 48:de:0c:38:62:08:08:ed:de:36:80:cf:25:70:95:29:b1:a7: 35:65:cf:02:bf:9a:22:54:00:f5:7f:47:5a:28:06:b9:c9:5a: ab:13:f9:09:2a:47:b6:af:a2:7d:55:0d:8b:38:7c:44:42:c3: 03:46:2c:eb:f5:85:01:82:ce:90:ec:68:05:d5:30:8f:6e:69: ca:5a:2a:1e:d0:fe:ed:3f:02:40:68:19:91:14:77:ff:ac:4c: 4e:82:03:d3:2e:30:68:f2:39:55:e7:1a:18:7b:ce:ac:a8:b6: f5:c5:e3:1b:05:8c:71:c8:0b:b0:40:de:b4:c1:34:8c:93:c7: a2:0c:76:41:03:39:28:61:4e:d9:8e:c9:c8:f8:3c:a3:e7:b0: f5:2d:7a:f6:55:0c:fa:03:21:e8:c8:f6:74:90:a5:ce:ae:f2: 88:46:ee:3d:f7:de:f8:1a:3c:0a:3b:66:89:6a:52:49:81:51: f1:c3:68:04:37:3a:b2:e2:e5:33:b5:f7:68:51:ad:e7:af:ed: f2:6a:6b:4e:36:5e:70:b9:8a:c1:5a:23:e5:c5:a6:f3:11:77: b8:88:a2:13:c8:8d:80:8e:b0:1b:62:1c:5e:1c:51:a0:c1:84: 68:c0:99:1d:ee:bf:a2:f3:07:cc:cd:f9:62:6d:b3:71:45:24: 3d:2a:7a:fa:11:40:5c:8a:6e:69:7e:87:76:d0:71:36:91:8f: 6c:7e:ba:21:0f:fa:91:cf:4c:8a:6c:f3:ab:b2:e7:db:65:43: 36:f1:2a:2f:0d:f9:fd:e9:d5:e5:87:f9:71:c2:51:6b:aa:a4: 78:1c:4c:c9:e2:51:90:e5:54:7e:d0:70:b6:3a:d0:64:56:92: 5d:8a:a0:8a:e2:93:c4:23:2c:3e:10:6e:61:5f:da:7c:89:19: 4f:3a:4e:dc:8f:c6:8b:2e:1b:ee:fe:ed:df:98:d9:e2:9e:a9: a6:72:58:76:df:0a:88:ec:e5:8c:2f:db:2a:08:67:47:23:a6: 8c:cd:f5:d5:01:fb:42:2b:72:e1:63:34:4b:95:5e:67:f1:12: cc:ac:35:7d:44:0f:0c:0e:6b:0a:29:7b:15:ef:ee:a8:bf:fc: 1a:77:39:e0:24:9d:0b:81:78:0b:6b:90:ea:9b:b0:3a:b7:a0: ef:a1:5d:1f:0b:ba:37:1b:f7:16:fc:37:3c:46:84:91:4c:73: 64:55:2b:16:66:85:ac:37:3f:88:03:dc:9c:8b:23:a3:44:3c: d7:53:f4:60:76:82:e3:d9:d1:37:b4:2e:75:2e:94:c1:68:5c: b8:57:6a:da:44:88:69:19 -----BEGIN CERTIFICATE----- MIIErzCCApegAwIBAgIDAa+SMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y dEBjYWNlcnQub3JnMB4XDTA1MTEzMDE2NTMxOVoXDTA3MTEzMDE2NTMxOVowFzEV MBMGA1UEAxQMKi5pc2VhbmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAom5Gf0MOeA2TT/+MS3h/jmqfzbjXSMtJ5ulK982SvSaoEF68bcyd9yq1 mQ9Mz3k5eTwMTq6ogo2/PH6O8ytvykKvMSVvbXD5OoeTuSYrHteLzayZfzLnJFgO hGZy6Zmm4VScYzTkGkri8TjI5SRdRj+z9Q/Q8mX1FStEv6GAl4Tn4Gh02/fk9t+f UAjx/imc7xmLMOWpgWG59QFVt8jj+/VKg5YSICF5oXVhuDLcy63JUDkVSPNhmDKW ZIRi2BguCCRsueC22cWeC5+FeS5imeUxbMUz2Q1WUIoifQcFGZdWYsHaRg1sb25b uLICUGl3UEmGaw5RGGjF8LnOKAHZrQIDAQABo4GhMIGeMAwGA1UdEwEB/wQCMAAw NAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMBBglghkgBhvhCBAEGCisGAQQB gjcKAwMwCwYDVR0PBAQDAgWgMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW aHR0cDovL29jc3AuY2FjZXJ0Lm9yZzAXBgNVHREEEDAOggwqLmlzZWFuZS5jb20w DQYJKoZIhvcNAQEFBQADggIBAEq70SF7mmGPtk4hiwQ5SYUGwkjeDDhiCAjt3jaA zyVwlSmxpzVlzwK/miJUAPV/R1ooBrnJWqsT+QkqR7avon1VDYs4fERCwwNGLOv1 hQGCzpDsaAXVMI9uacpaKh7Q/u0/AkBoGZEUd/+sTE6CA9MuMGjyOVXnGhh7zqyo tvXF4xsFjHHIC7BA3rTBNIyTx6IMdkEDOShhTtmOycj4PKPnsPUtevZVDPoDIejI 9nSQpc6u8ohG7j333vgaPAo7ZolqUkmBUfHDaAQ3OrLi5TO192hRreev7fJqa042 XnC5isFaI+XFpvMRd7iIohPIjYCOsBtiHF4cUaDBhGjAmR3uv6LzB8zN+WJts3FF JD0qevoRQFyKbml+h3bQcTaRj2x+uiEP+pHPTIps86uy59tlQzbxKi8N+f3p1eWH +XHCUWuqpHgcTMniUZDlVH7QcLY60GRWkl2KoIrik8QjLD4QbmFf2nyJGU86TtyP xosuG+7+7d+Y2eKeqaZyWHbfCojs5Ywv2yoIZ0cjpozN9dUB+0IrcuFjNEuVXmfx EsysNX1EDwwOawopexXv7qi//Bp3OeAknQuBeAtrkOqbsDq3oO+hXR8Lujcb9xb8 NzxGhJFMc2RVKxZmhaw3P4gD3JyLI6NEPNdT9GB2guPZ0Te0LnUulMFoXLhXatpE iGkZ -----END CERTIFICATE----- |
|
tested with the FSFE account that has a valid SSL cert with all the info... not working... |
|
The cert of FSFE in July was fine. see https://www.fsfe.org/ |
|
Duplicate of bug 0000084 |
Date Modified | Username | Field | Change |
---|---|---|---|
2005-11-29 05:12 | homer | New Issue | |
2005-12-01 04:07 | homer | Note Added: 0000048 | |
2005-12-01 04:12 | homer | Assigned To | => duane |
2005-12-01 04:12 | homer | Reproducibility | sometimes => always |
2005-12-01 04:12 | homer | Status | new => needs work |
2005-12-01 04:50 | homer | Note Added: 0000050 | |
2005-12-04 04:21 | homer | Note Added: 0000066 | |
2006-08-14 05:57 | duane | Relationship added | duplicate of 0000084 |
2006-08-14 05:58 | duane | Status | needs work => closed |
2006-08-14 05:58 | duane | Note Added: 0000430 | |
2006-08-14 05:58 | duane | Resolution | open => duplicate |
2013-01-13 15:47 | Werner Dworak | Fixed in Version | => 2006 |
2013-11-20 22:23 | NEOatNHNG | View Status | private => public |