-
Notifications
You must be signed in to change notification settings - Fork 156
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Certificate request subject commonName domain is not taken into account #304
Comments
The RFC does not say that domains from commonName must be accepted by the CA. In fact, commonName is deprecated (see for example https://security.stackexchange.com/questions/69156/using-commonname-for-dns-vs-subjaltname). This has also been discussed both here and in the Let's Encrypt community forum. |
Hi @felixfontein, |
@bruncsak as I see it, Pebble does conform to RFC8555 in that respect (as do Boulder and BuyPass). |
Sorry, I do not want to enter into debate on that, but the behavior is different between pebble and letsencrypt/buypass. See the earlier mentioned reference: https://community.letsencrypt.org/t/the-way-domain-name-in-the-subject-of-the-certificate-request-treated/116107
|
Hi @bruncsak, Thanks for reporting! And @felixfontein thanks for digging out the link to the previous Pebble issue. The Pebble behavior is indeed intentional. In the early days of Let's Encrypt we chose to accept CSRs that only specify names in the CN without specifying them in the SAN. That was probably a mistake, but a minor one, and correcting it now would introduce compatibility problems with little benefit. Our general goal with Pebble is to be a bit stricter about things, not to match all behavior of other implementations like Boulder and Buypass. So we're planning to keep the current behavior. If you'd like to maximize compatibility between the three implementations, I think putting all names in the SAN should work. |
Thanks for the reply and clarification @jsha! Is there a RFC8555 divergences document for pebble, similarly, as boulder has the following: https://github.com/letsencrypt/boulder/blob/master/docs/acme-divergences.md ?
As I am writing code of an ACME client, I would like to be generic enough to handle all possible cases. There is an option where the CSR is not generated by the client, but received as input, so it is not possible to change the content of the CSR. Most likely I will add specific code to better match the pebble's behavior. When boulder receives a CSR where the subject is empty, it adds one domain as commonName. |
So, I implemented a workaround in my client: bruncsak/ght-acme.sh@0f27ce7 |
@bruncsak I still don't understand why you think that RFC8555 mandates that commonName is supported. The part you quote from the RFC only says that every DNS identifier specified in newOrder must appear in commonName, SAN or both. It does not say that the CA has to accept CSRs which use commonName at all. @jsha what's your interpretation of the RFC? |
Oh, I see what you mean. All ACME servers are compatible with RFC8555, but different additional restriction on the CSR are not excluded which leads to incompatible behavior. So my code is correct and needed, just the comments are misleading. |
So here is the patch to my client, fixing the comments: bruncsak/ght-acme.sh@3d46cf6 |
@bruncsak looks much better IMO :) |
The above looks good, thanks for hashing it out! It sounds like maybe a useful addition to Pebble would be for it to have a more explicit error in this case. For instance, "The CSR's Subject commonName contains a domain name that is not in the subjectAlternativeNames of the CSR." What do you think? |
Today pebble accepts domain name in the Subject commonName, but it totally disregards its value, like it would not be there. Your proposed change would be more than cosmetics; before it is normal condition (certificate issued) then it becomes error condition, refusing the certificate request. |
All improved error messages are cosmetic, but still very helpful. In this case I would definitely prefer having "The CSR's Subject commonName contains a domain name that is not in the subjectAlternativeNames of the CSR." instead of the current "Order includes different number of DNSnames identifiers than CSR specifies". This saves client developers quite some time to find out what the problem actually is. |
Yes, that could be good to have a specific error message for that case. |
Allows autocert to work with Pebble (see letsencrypt/pebble#304).
Allows autocert to work with Pebble (see letsencrypt/pebble#304).
Allows autocert to work with Pebble (see letsencrypt/pebble#304).
Allows autocert to work with Pebble (see letsencrypt/pebble#304).
Allows autocert to work with Pebble (see letsencrypt/pebble#304).
More compliant with the spec and allows autocert to work with Pebble (see letsencrypt/pebble#304). Fixes golang/go#39746. Change-Id: I0f41d5b41800d57eb53055cad248e50573c6070f GitHub-Last-Rev: 777115c GitHub-Pull-Request: #143 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294389 Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> TryBot-Result: Go Bot <[email protected]> Trust: Dmitri Shuralyov <[email protected]>
More compliant with the spec and allows autocert to work with Pebble (see letsencrypt/pebble#304). Fixes golang/go#39746. Change-Id: I0f41d5b41800d57eb53055cad248e50573c6070f GitHub-Last-Rev: 777115c545a5266609fad6888d24d586ed4c2916 GitHub-Pull-Request: golang/crypto#143 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294389 Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> TryBot-Result: Go Bot <[email protected]> Trust: Dmitri Shuralyov <[email protected]>
More compliant with the spec and allows autocert to work with Pebble (see letsencrypt/pebble#304). Fixes golang/go#39746. Change-Id: I0f41d5b41800d57eb53055cad248e50573c6070f GitHub-Last-Rev: 777115c GitHub-Pull-Request: golang#143 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294389 Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> TryBot-Result: Go Bot <[email protected]> Trust: Dmitri Shuralyov <[email protected]>
More compliant with the spec and allows autocert to work with Pebble (see letsencrypt/pebble#304). Fixes golang/go#39746. Change-Id: I0f41d5b41800d57eb53055cad248e50573c6070f GitHub-Last-Rev: 777115c545a5266609fad6888d24d586ed4c2916 GitHub-Pull-Request: golang/crypto#143 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294389 Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> TryBot-Result: Go Bot <[email protected]> Trust: Dmitri Shuralyov <[email protected]>
RFC8555 tells:
When the subject of the CSR has CN=abc.dom.org and the subjectAltName has only DNS:xyz.dom.org, by the RFC an order must be created with both abc.dom.org and xyz.dom.org as identifiers. After making the order ready, the submitted CSR is not accepted with the following error:
For reference see:
https://community.letsencrypt.org/t/the-way-domain-name-in-the-subject-of-the-certificate-request-treated/116107
The text was updated successfully, but these errors were encountered: