Intermediate CA Generation: The organizationName field is different between CA certificate (MyOrg) and the request (MyOrg)

[lexemmens]

Im trying to generate a new Intermediate CA based on an imported Root CA, but it fails with the message:

The organizationName field is different between
CA certificate (MyOrg) and the request (MyOrg)
main.(*CertificateInfo).Generate(0xc0006ffb00, {0xc00004108f, 0xc}, {0xe81295, 0x6})
    /go/src/labca/certificate.go:263 +0xc6b
main.(*CertificateInfo).Create(0xc0006ffb00, {0xc00004108f, 0xc}, {0xe81295, 0x6}, 0x0)
    /go/src/labca/certificate.go:717 +0x2c6
main._certCreate({0x13da458, 0xc000136b60}, 0xc0006fe5a0, {0xe81295?, 0x6?}, 0x0?)
    /go/src/labca/main.go:2126 +0x1d45
main.setupHandler({0x13da458, 0xc000136b60}, 0xc0006fe5a0)
    /go/src/labca/main.go:2739 +0x1fe
...
Error (exit status 1)! See LabCA logs for details

However, both organizationName fields contain the exact same value.

Steps to reproduce

• Start with clean install
• Import Root CA (PEM) + Key (PEM) + Password from non LabCA system (in this case: Univention Core)
• In second step, generate a new issuer certificate based on this RootCA

Result Certificate generation failed with Error (exit status 1)! See LabCA logs for details.

Details Using latest docker images, which are referencing 24.08 release.

[hakwerk]

This is probably the same issue as in #77

[lexemmens]

You are right, thanks! Checked my CA and it is indeed set as PRINTABLESTRING instead of UTF8. Explanation in other issue helps 🙌

Is it an idea to document this under troubleshooting?