slawek/lab-ca
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Enhance SAN handling in issueSingleCertificate: extract CN from DN if present

Browse Source
This commit is contained in:
Sławek Koszewski
2025-08-03 09:38:31 +02:00
parent 8114d667ec
commit 6e69377d1a
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ca.go
View File

@@ -478,7 +478,15 @@ func issueSingleCertificate(def CertificateDefinition) error {
// Add default dns SAN for server/server-only if none specified
if strings.Contains(def.Type, "server") && len(def.SAN) == 0 {
def.SAN = append(def.SAN, "dns:"+def.Subject)
// Extract CN if subject is a DN, else use subject as is
cn := def.Subject
if isDNFormat(def.Subject) {
dn := parseDistinguishedName(def.Subject)
if dn.CommonName != "" {
cn = dn.CommonName
}
}
def.SAN = append(def.SAN, "dns:"+cn)
}
priv, err := rsa.GenerateKey(rand.Reader, 4096)