Closed sinKettu closed 1 year ago
Hello! The issue is pretty simple. If certificate for a site created with OpensslAuthority, this authority sets CN to DNS name of site: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/openssl_authority.rs#L74
OpensslAuthority
But RcgenAuthority does not do that, it places DNS name only in Alt Names: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/rcgen_authority.rs#L85
RcgenAuthority
Alt Names
This issue leads to browsers reject certificates signed with RcgenAuthority, because there is no appropriate CN.
I would like to request a fix for this, please. Probably, I could do a pull-request, but I have not enough free time :(
Sorry, I only just saw this issue. I have just released v0.19.0 which fixes this.
Nice! Thank you.
Hello! The issue is pretty simple. If certificate for a site created with
OpensslAuthority
, this authority sets CN to DNS name of site: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/openssl_authority.rs#L74But
RcgenAuthority
does not do that, it places DNS name only inAlt Names
: https://github.com/omjadas/hudsucker/blob/main/src/certificate_authority/rcgen_authority.rs#L85This issue leads to browsers reject certificates signed with RcgenAuthority, because there is no appropriate CN.
I would like to request a fix for this, please. Probably, I could do a pull-request, but I have not enough free time :(