View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000768 | Main CAcert Website | certificate issuing | public | 2009-08-12 15:04 | 2014-04-15 22:08 |
Reporter | hanno | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Fixed in Version | 2014 Q1 | ||||
Summary | 0000768: CAcert adds CommonName to SubjectAltName, although it's already there | ||||
Description | I found out today that cacert seems to add the content of commonname to subjectaltname if it's not there. This is generally a good idea. Example: CN mydomain.com, SAN DNS:*.mydomain.com, some ssl-implementations won't accept this for mydomain.com, because they ignore CN if SAN is there. So cacert sets SAN to DNS:*.mydomain.com,DNS:mydomain.com The problem is, cacert also does this if the CN is already in SAN by the user. So I got this in a certificate by cacert: DNS:*.lug-bk.de, othername:<unsupported>, DNS:lug-bk.de, othername:<unsupported>, DNS:*.lug-bk.de, othername:<unsupported> It doesn't really hurt, but it adds some bogus information to the certificate, as it contains the CN twice in SAN. | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
Date Modified | Username | Field | Change |
---|---|---|---|
2009-08-12 15:04 | hanno | New Issue | |
2010-03-15 22:05 | gagern | Note Added: 0001565 | |
2010-03-15 22:10 | gagern | Relationship added | duplicate of 0000440 |
2012-05-01 14:26 | mutax | Relationship added | related to 0001035 |
2012-10-30 23:18 | INOPIAE | Relationship added | related to 0001106 |
2012-10-30 23:18 | INOPIAE | Relationship deleted | related to 0001106 |
2013-09-29 16:27 | Uli60 | Relationship added | has duplicate 0001214 |
2014-04-15 22:08 | INOPIAE | Note Added: 0004734 | |
2014-04-15 22:08 | INOPIAE | Status | new => closed |
2014-04-15 22:08 | INOPIAE | Resolution | open => fixed |
2014-04-15 22:08 | INOPIAE | Fixed in Version | => 2014 Q1 |