Skip to content

generate new csr

Ghost User requested to merge (removed):main into main

When compiling on go 1.17 we get the following test failure:

--- FAIL: TestSANs (0.00s) selfsign_test.go:68: x509: provided PrivateKey doesn't match parent's PublicKey FAIL FAIL github.com/cloudflare/cfssl/selfsign 0.025s FAIL

Checking and the sans.csr is using a private key which as far as i can tell is not present in this repo. The following fix was noted in go 1.17 which is why we dont see this in earlier versions of go

CreateCertificate now returns an error if the provided private key doesn't match the parent's public key, if any. The resulting certificate would have failed to verify. https://go.dev/doc/go1.17 (crypto/x509)

The current csr is generated with a key, which AFAIK, is not in this repo. As such generate a fresh one with the key that is used in the tests.

Merge request reports