-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSR creation with CN only #15
Comments
You're right, it could be reduced. The reason I put these values there is that otherwise it would be prefilled with strange values, that might not be the case with the always passed config now anymore. Are there any known issues when adding additional properties? |
I think I will move the CSR generation out of that method anyway with |
The only issue I see is that to much information sent to the the ACME server. The current spec states the following:
If you extract the CSR generation a little hint. The CSR generation could also be done with a environment variable (kind of a strange thing built into the core of OpenSSL, but avoids the need of generating a temporary file). See https://gist.github.com/dol/e0b7f084e2e7158efc87 as an example. |
It doesn't say anything about additional fields.
That's really strange, don't know which method I prefer.
Don't know which editor / IDE you use, but mine highlights variables in there, so accidental inclusion isn't that likely to happen. Additionally, it would also throw a notice because of undefined variables probably. :-) |
It's a matter of taste. Can't argue with that. ;-) |
For the creation of an CSR the dn parameter of openssl_csr_new only needs the definition of 'CN' to work with domain validated certificate.
https://github.com/kelunik/acme/blame/dd01ee543932b8ca51cb2b9d3fe2efd097fbba66/lib/AcmeService.php#L363 could be reduced to just:
The text was updated successfully, but these errors were encountered: