[help] A question about the value of the subject.names.* field of pem certificates

Hello, everyone

mkdir -p /download/ssl

cat > /download/ssl/ca-config.json <<EOF
{
	"signing": {
		"default": {
			"expiry": "876000h"
		},
		"profiles": {
			"kubernetes": {
				"expiry": "876000h",
				"usages": [
					"signing","key encipherment",
					"server auth",
					"client auth"
				]
			}
		}
	}
}
EOF


cat > /download/ssl/feiji_dev-group_csr.json <<EOF
{
	"CN": "feiji",
	"key": {
		"algo": "rsa",
		"size": 2048
	},
	"hosts": [],
	"name": [
		{
			"C": "CN",
			"ST": "Jiangsu",
			"L": "Nanjing",
			"O": "dev-group",
			"OU": "IT"
		}
	]
}
EOF



**#Generating a certificate**
cfssl gencert -ca=/etc/kubernetes/pki/ca.crt -ca-key=/etc/kubernetes/pki/ca.key -config=/download/ssl/ca-config.json -profile=kubernetes /download/ssl/feiji_dev-group_csr.json | cfssljson -bare feiji_dev-group




**#Viewing certificate information**
root@k8s-master-01:/download/ssl# cfssl-certinfo -cert /download/ssl/feiji_dev-group.pem 
{
  "subject": {
    "common_name": "feiji",
    "names": [
      "feiji"
    ]
  },
  "issuer": {
    "common_name": "kubernetes",
    "names": [
      "kubernetes"
    ]
  },
  "serial_number": "223711557935640467154917044379599514617937919738",
  "not_before": "2024-12-27T08:41:00Z",
  "not_after": "2124-12-03T08:41:00Z",
  "sigalg": "SHA256WithRSA",
  "authority_key_id": "35:DB:29:91:1C:85:21:0B:D3:D3:05:B4:DC:62:B7:ED:7C:D6:B0:93",
  "subject_key_id": "AA:EE:BE:36:64:F6:26:98:C1:1D:42:14:D0:E8:35:84:B5:A8:CB:A0",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDODCCAiCgAwIBAgIUJy+SvWrg/l/Dsd1sKo3UcXlj/vowDQYJKoZIhvcNAQEL\nBQAwFTETMBEGA1UEAxMKa3ViZXJuZXRlczAgFw0yNDEyMjcwODQxMDBaGA8yMTI0\nMTIwMzA4NDEwMFowFDESMBAGA1UEAxMJd2FuZ3hpYW5nMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAwFXwKC6vp+tNETI9alWYKEVwqFQiTFKXbRVDcUGz\nTlIvALM2TaepBxoXlIYcopM5T6QoY1aOdq+37uEbdKKQbrtqSAqaKtVAYQdMvzzZ\nGJSqwdSzGw1GVJtTWkUgYiQpjAxg1MkWtRzf01+oHjXVZjUX0T8+MLs5r5EXkSJ4\nwrcH6TwbpSdZMdUCcTGz6nX5oNeeirCboHbGPnSHF7o2ohOQRLhpTIB1uzoqLsrf\nL2Nqj4qFegNP14zyOrvBTwWf+9Hon9I5kM+h9r9NZ7azlhCi39fA3xBaJeVwysSd\nTYZvOzzzuvi0Q2cJE1F6bv5AvhY82tJYbMdJCL+8xJm6xwIDAQABo38wfTAOBgNV\nHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud\nEwEB/wQCMAAwHQYDVR0OBBYEFKruvjZk9iaYwR1CFNDoNYS1qMugMB8GA1UdIwQY\nMBaAFDXbKZEchSEL09MFtNxit+181rCTMA0GCSqGSIb3DQEBCwUAA4IBAQC8ybte\n6aqQJdY+ftihxl/lxG418eeg6lQzXKjQULoki8CawdbE/Ssxsh7REknlkCEjGT66\nRhwUT2MtKrimtQ+ygVQyTMNN+fAAqUOUTx0r6OdU1M2zcXe7N75YRaDifuVjKcP/\nHGQgstGH6u0qi8JI3LbOBZr3tYMGvFGqk89AjH3tQMO/NObiz4drmqFTqMWTCpLi\nDFoLzWkYvunqAdX60eXYMVEM8Z+t3L1ecUJEMOemaFJB+R2LQJkgQ1RUCFhiTcph\nnx6p6Fg1GXZZtOtapBAJFM/Rh3RxPEhf7k82POJs636ppPyggBfpJefXkH8GFkyd\ndtlD/2Jf25zYEKTg\n-----END CERTIFICATE-----\n"
}


The generated feiji_dev-group.pem certificate does not see the value of the O field or any of the following fields

"C": "CN",
"ST": "Jiangsu",
"L": "Nanjing",
"O": "dev-group",
"OU": "IT"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[help] A question about the value of the subject.names.* field of pem certificates #1405

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[help] A question about the value of the subject.names.* field of pem certificates #1405

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions