Skip to content

Basic Constraints in CSRs #776

New issue
New issue
Open
Open
Basic Constraints in CSRs#776
Assignees
shibayan
Labels
enhancementNew feature or request
@ChristianBrandenburg

Description

@ChristianBrandenburg
ChristianBrandenburg
opened on Nov 8, 2024

Is your feature request related to a problem? Please describe.
I am trying to setup keyvault-acmebot with a custom CA (GlobalSign Atlas). Adding the Atlas endpoint is not a problem, but issuance of certificates fail due to OID 2.5.29.19/Basic Constraints being present in CSRs generated by keyvault-acmebot

Describe the solution you'd like
I would like CSRs not to be generated with OID 2.5.29.19/Basic Constraints. CA's usually ignore Basic Constraints (and Key usage extensions) in the CSRs they receive because they have to be added by CA's themselves according to their certificate profiles.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

enhancementNew feature or request

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions