Project

General

Profile

Bug #54600

SAN multiple domain support issue with certificates.

Added by Jérémy G. over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
No priority
Assignee:
Waqar Ahmed
Category:
Middleware
Target version:
Seen in:
Severity:
New
Reason for Closing:
Not to be fixed
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

CAN on Certificate created using FreeNAS when using multiple domains seem to not work as intended: Multiples domains are seen as a single domain entry.

Please see full example here: https://forums.freenas.org/index.php?threads/using-freenas-as-local-network-ca.70942/


Related issues

Related to FreeNAS - Feature #31953: Convert System:CA to MiddlewaredDone

History

#1 Updated by Dru Lavigne over 1 year ago

  • Private changed from No to Yes
  • Reason for Blocked set to Need additional information from Author

Jérémy: please also attach a debug (System -> Advanced -> Save debug) to this ticket so the dev can see what is happening on the middleware side.

#2 Updated by Jérémy G. over 1 year ago

  • File debug-case-20181031162118.tgz added

#3 Updated by Jérémy G. over 1 year ago

Dru Lavigne wrote:

Jérémy: please also attach a debug (System -> Advanced -> Save debug) to this ticket so the dev can see what is happening on the middleware side.

Added.

#4 Updated by Dru Lavigne over 1 year ago

  • Category changed from Services to Middleware
  • Assignee changed from Release Council to William Grzybowski
  • Reason for Blocked deleted (Need additional information from Author)

#5 Updated by William Grzybowski over 1 year ago

  • Assignee changed from William Grzybowski to Waqar Ahmed
  • Target version changed from Backlog to 11.2-U2

#6 Updated by Waqar Ahmed over 1 year ago

38058

The specified issue is fixed in 11.2-RC1 - please you can try this there as well. For good measure I am adding a screenshot and a few decoding statements for further reference

[root@freenas /etc/certificates]# openssl x509 -noout -text -in internal.crt | grep DNS
        Subject: C=US, ST=asdf, L=asdf, O=asdf, CN=domain1.com/subjectAltName=DNS: domain2.com, DNS: domain3.com/emailAddress=a@a.com
                DNS:domain2.com, DNS:domain3.com
[root@freenas /etc/certificates]#

If you have further queries regarding this issue, please feel free to comment here. Thank you

#7 Updated by Waqar Ahmed over 1 year ago

#8 Updated by Waqar Ahmed over 1 year ago

  • Subject changed from CAN multiple domain support issue with certificates. to SAN multiple domain support issue with certificates.

#9 Updated by Dru Lavigne over 1 year ago

  • File deleted (debug-case-20181031162118.tgz)

#10 Updated by Dru Lavigne over 1 year ago

  • Private changed from Yes to No

Also available in: Atom PDF