You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I came across a client who is using a certificate that specifies multiple domain components in the issuer.
The client is already using this certificate with a firewall solution in production, I cannot easily tell them to replace the cert.
This forced me to create a fork and adapt the implementation of DistinguishedName because a HashMap won't allow storing multiple DC items.
The text was updated successfully, but these errors were encountered:
I was not aware of this myself, but apparently
-x509certificates can have multiple domain component fields set in the issuer.If I am not mistaken the RCF mentions this, see: https://datatracker.ietf.org/doc/html/rfc5280#section-7.3:
This has been reported as issue with other certificate management tools:
cert-manager/cert-manager#4424
I came across a client who is using a certificate that specifies multiple domain components in the issuer.
The client is already using this certificate with a firewall solution in production, I cannot easily tell them to replace the cert.
This forced me to create a fork and adapt the implementation of
DistinguishedNamebecause aHashMapwon't allow storing multiple DC items.The text was updated successfully, but these errors were encountered: