Menu
▾
▴
Re: [Ejbca-develop] Copy CN from PKCS#10 certificate request
|
From: Tomas G. <to...@pr...> - 2015-09-28 15:36:41
|
Hi, There are several ways you can do this in EJBCA. But before going into that I'd like to probe if this is _really_ what you want? If you allow end users to paste a CSR into the public web, and imply copy the value from CN, there is nothing preventing a user from getting a certificate with say www.google.com in it. Which is probably not what you want. Not blindly copying values from the CSR is a security feature (which can be configured in many different ways relaxing it). Regards, Tomas ----- Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information. https://www.primekey.se/technologies/products-overview/ https://www.primekey.se/service-support/support/ On 2015-09-25 22:34, Ketan Supanekar wrote: > Hi, > > I have a question regarding End Entity profiles and the CN for > generated certificate. > > 1.I have a EE profile wherein CN is optional. > > 2.I create a EE called ‘test’ where CN is NOT specified. > > 3.Now I enroll a certificate using CSR using ‘Public Web’. The CSE has > CN=’hello’ > > 4.I see that the issued certificate DOSEN’T have a CN. > > My requirement is that the generated certificate should have CN same as > the one in request. > > Is there a way to setup EJCBA EE/Certificate profiles to copy CN from > request?. > > Thanks, > > Ketan Supanekar > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > |
