summaryrefslogtreecommitdiffstats
path: root/certServiceK8sExternalProvider/src/cmpv2provisioner
diff options
context:
space:
mode:
Diffstat (limited to 'certServiceK8sExternalProvider/src/cmpv2provisioner')
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go2
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go3
-rw-r--r--certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go6
3 files changed, 7 insertions, 4 deletions
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
index e89eb1f4..be15e832 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
@@ -101,7 +101,7 @@ func (ca *CertServiceCA) Sign(
if err != nil {
return nil, nil, err
}
- log.Debug("Filtered out CSR PEM: ", "bytes", csrBytes)
+ log.Debug("Filtered out CSR PEM: ", "bytes", filteredCsrBytes)
response, err := ca.certServiceClient.GetCertificates(filteredCsrBytes, privateKeyBytes)
if err != nil {
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
index 1a86866b..583d533e 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
@@ -45,6 +45,9 @@ func FilterFieldsFromCSR(csrBytes []byte, privateKeyBytes []byte) ([]byte, error
filteredCsr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
Subject: filteredSubject,
DNSNames: csr.DNSNames,
+ IPAddresses: csr.IPAddresses,
+ URIs: csr.URIs,
+ EmailAddresses: csr.EmailAddresses,
}, key)
if err != nil {
return nil, err
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
index 08fb5538..ff9a799a 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
@@ -75,6 +75,9 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi
filteredCsr := parseCsrBytes(filteredCsrBytes)
assert.Equal(t, originalCsr.DNSNames, filteredCsr.DNSNames)
+ assert.Equal(t, originalCsr.URIs, filteredCsr.URIs)
+ assert.Equal(t, originalCsr.EmailAddresses, filteredCsr.EmailAddresses)
+ assert.Equal(t, originalCsr.IPAddresses, filteredCsr.IPAddresses)
assert.Equal(t, originalCsr.PublicKey, filteredCsr.PublicKey)
assert.Equal(t, originalCsr.PublicKeyAlgorithm, filteredCsr.PublicKeyAlgorithm)
assert.Equal(t, originalCsr.SignatureAlgorithm, filteredCsr.SignatureAlgorithm)
@@ -88,9 +91,6 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi
func assertFilteredFieldsEmpty(t *testing.T, csrBytes []byte) {
csr := parseCsrBytes(csrBytes)
- assert.Nil(t, csr.URIs)
- assert.Nil(t, csr.EmailAddresses)
- assert.Nil(t, csr.IPAddresses)
assert.Nil(t, csr.Subject.PostalCode)
assert.Equal(t, "", csr.Subject.SerialNumber)
assert.Nil(t, csr.Subject.StreetAddress)