Details
-
Type:
Bug
-
Status:
Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 3.3.3
-
Fix Version/s: 3.4.2
-
Component/s: Admin Console
-
Labels:None
-
Acceptance Test - Add?:No
-
Acceptance Test - Entry:
- Create new CSR in openfire server certificates page
- Update issuer information
- Verify that issuer information is in generated CSR
Description
When a CSR is created through the Server Certificates interface in the admin console, and the issuer information is updated the only information the CSR will contain is the CN.
Openfire is currently placing the issuer information in the issuerDN and just the XMPP domain in the subjectDN and the subjectAltNames like in the following example:
IssuerDN: CN=Name,OU=OU,O=O,L=city,ST=State,C=cc
SubjectDN: CN=test
Extensions:
critical(false) 2.5.29.17 value = DER Sequence
Tagged [0] IMPLICIT
DER Sequence
ObjectIdentifier(1.3.6.1.5.5.7.8.5)
Tagged [0]
UTF8String(*.test)
I'm trying to figure out if our interpretation of the specs was correct and if most CAs will be happy with our CSR.