-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Loading CA cert and using for signing doesn't match original certificate #59
Comments
Hmm yeah apparently the countryName is a In the meantime, I suggest trying to create a root certificate using rcgen. rcgen will then create an UTF8String in the first place and thus avoid this issue. |
This workaround is working for me for now, thanks! |
I'm trying to develop a P2P application where clients can register with a server, which will sign their certificates, so that they can later talk to each other without the involvement of the server.
I've been trying to load the CA cert using
CertificateParams::from_ca_cert_pem
and sign the client certs withCertificate::serialize_der_with_signer
. However the "issuer" attached to the resulting signed cert doesn't match the original cert (specifically the "subject" is 1 byte different).I don't really know enough about TLS to figure out why this is happening, so let me know if I can provide any additional details.
My (testing) code looks like this:
The issuer "subject" lines I get during certificate verification look like this (as byte arrays, note byte index 9)
Certificate "Issuer":
Trust Anchor "Subject":
debug-game-cert.pem.txt
example_signed_cert.pem.txt
The text was updated successfully, but these errors were encountered: