parsec-cli-tests.sh error: The CSR does not contain the serialNumber field of the Distinguished Name

[michael2012z]

When I followed the tutorial to run parsec-cli-tests.sh in a container on a x86_64 host: https://parallaxsecond.github.io/parsec-book/getting_started/installation_options.html#option-3-use-a-quickstart-docker-image An error was seen:

- Creating a certificate signing request (CSR) from the test key.
[INFO ] Hashing data with Sha256...
[INFO ] Signing data with Ecdsa { hash_alg: Specific(Sha256) }...

- Using openssl to inspect the CSR content and verify the public key.
40B7BA43B77F0000:error:06880006:asn1 encoding routines:ASN1_item_verify_ctx:EVP lib:../crypto/asn1/a_verify.c:217:
Error: The CSR does not contain the serialNumber field of the Distinguished Name

Parsec version is 1.2.0:

qs@a8f0b04f5307:/parsec/quickstart$ parsec --version
parsec-service 1.2.0

The issue was not 100% reproducible. Using the following command to run the test in a loop, I can always capture the failure:

for i in `seq 1 1000`; do echo "-- $i --" && ./parsec-cli-tests.sh || sleep 10000 && echo "----"; done

When the problem appears, the command line will stop (in the 10000-second sleep).

[tgonzalezorlandoarm]

Hi @michael2012z ! This seems related to https://github.com/parallaxsecond/parsec-tool/issues/101, which got resolved by https://github.com/parallaxsecond/parsec-tool/pull/102 . Have you tried using that fix? Does the issue still happen?

[anta5010]

@michael2012z please use parsec-tool 0.7.0 where this issue is fixed.

[michael2012z]

Thanks, @anta5010 @tgonzalezorlandoarm . Yes, when I did the same test with latest main branch, the problem was not seen.