View Issue Details

IDProjectCategoryView StatusLast Update
0000768Main CAcert Websitecertificate issuingpublic2014-04-15 22:08
Reporterhanno Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Fixed in Version2014 Q1 
Summary0000768: CAcert adds CommonName to SubjectAltName, although it's already there
DescriptionI found out today that cacert seems to add the content of commonname to subjectaltname if it's not there. This is generally a good idea.

Example: CN, SAN DNS:*, some ssl-implementations won't accept this for, because they ignore CN if SAN is there. So cacert sets SAN to DNS:*,

The problem is, cacert also does this if the CN is already in SAN by the user. So I got this in a certificate by cacert:
DNS:*, othername:<unsupported>,, othername:<unsupported>, DNS:*, othername:<unsupported>

It doesn't really hurt, but it adds some bogus information to the certificate, as it contains the CN twice in SAN.
TagsNo tags attached.
Reviewed by
Test Instructions


duplicate of 0000440 closedNEOatNHNG Problem with subjectAltName 
has duplicate 0001214 closedNEOatNHNG Extended validity certificates don't have the same Subject Alt Name as newly created certificates 
related to 0001035 closed CN gets deleted from subjectAltName on cert renewal 



2010-03-15 22:05

reporter   ~0001565

Duplicate of 0000440 I think.


2014-04-15 22:08

updater   ~0004734

fixed with bug 440

Issue History

Date Modified Username Field Change
2009-08-12 15:04 hanno New Issue
2010-03-15 22:05 gagern Note Added: 0001565
2010-03-15 22:10 gagern Relationship added duplicate of 0000440
2012-05-01 14:26 mutax Relationship added related to 0001035
2012-10-30 23:18 INOPIAE Relationship added related to 0001106
2012-10-30 23:18 INOPIAE Relationship deleted related to 0001106
2013-09-29 16:27 Uli60 Relationship added has duplicate 0001214
2014-04-15 22:08 INOPIAE Note Added: 0004734
2014-04-15 22:08 INOPIAE Status new => closed
2014-04-15 22:08 INOPIAE Resolution open => fixed
2014-04-15 22:08 INOPIAE Fixed in Version => 2014 Q1