Comments (7)
ac169
commented on June 1, 2024
from certify.
webprofusion-chrisc
commented on June 1, 2024
Thanks, are you using the latest version of the app and are you aware that the app already generates it's own private keys?
from certify.
ac169
commented on June 1, 2024
The application of CertifyTheWebSetup_v6.0.14.exe
Even if the new domain name is created, the first step is to add ECDSA to generate a private key, which will prompt this error. However, the private key generated by RSA has no such problem whether it is new domain name or before modification.
from certify.
webprofusion-chrisc
commented on June 1, 2024
Thanks, so do you want to use a custom ECDSA key or can you use the one the application generates itself? Most users do not supply their own keys.
from certify.
ac169
commented on June 1, 2024
The demand here is to customize CSR, and CSR is associated with the private key! It's not to customize the private key. But it is obviously an imperfect problem with the Certify application itself
from certify.
webprofusion-chrisc
commented on June 1, 2024
The problem is that OpenSSL is emitting the key like this:
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIPXwsorl9KGaY+dETyUCUmSkWwmFKQI76DSED2nB+l6aoAoGCCqGSM49
AwEHoUQDQgAExGw/NCe56HtwU9ojOzmJnNTuxjaYmO14yQTJvOSqfZwmHqVnHRps
KGmhIRorueQrywZoR7Hu8DirD0NH6OCVvA==
-----END EC PRIVATE KEY-----
but the app is expecting this:
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIPXwsorl9KGaY+dETyUCUmSkWwmFKQI76DSED2nB+l6aoAoGCCqGSM49
AwEHoUQDQgAExGw/NCe56HtwU9ojOzmJnNTuxjaYmO14yQTJvOSqfZwmHqVnHRps
KGmhIRorueQrywZoR7Hu8DirD0NH6OCVvA==
-----END EC PRIVATE KEY-----
We will update the app to remove the extra EC PARAMETERS block openssl adds but you can alternatively use the -noout option to exclude the EC Params in the output:
openssl ecparam -name prime256v1 -genkey -noout -out test.key
Generally when people want to use a Custom CSR it's because the CSR is already provided (and they don't have the key because it's embedded in whatever system they are trying to generate a cert for). Also a CSR for a Let's Encrypt certificate etc can only include domain identifiers so things like OU, Country etc are ignored. I'm interested in knowing what customization you require for the CSR if you can share that.
from certify.
ac169
commented on June 1, 2024
Thank you, I can try whether it is feasible
from certify.
Related Issues (20)
- How to run development environment? HOT 5
- Deployment Tasks - Run a program, batch file or custom script on windows HOT 1
- add support for Vultr DNS API HOT 1
- AutoUpdate.ps1 script is broken HOT 4
- DNS Validation Fails for IONOS DNS API HOT 2
- acme-dns DNS API failed HOT 2
- Propagation timer not being preserved when using Constellix API (posh-acme) script HOT 1
- Save button abnormalities HOT 3
- AcmeDNS Provider Error for API Update HOT 4
- Export does not exports whole chain HOT 7
- Feature Request: ARM64 Support HOT 5
- Export to .pfx with password HOT 5
- PowerShell script - with space in path / new process HOT 4
- azure.identity.1.7.0.nupkg: 1 vulnerabilities (highest severity is: 8.8)
- Error when using Export Certificate task HOT 1
- Wrong IIS binding updated HOT 2
- "Deploy to RDP Gateway service" error HOT 1
- TLS website monitoring HOT 1
- Windows AD CS + ACME HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from certify.