github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix broken output for IP-only CSRs

pull/129/head
Richard Körber 2021-07-03 10:05:19 +02:00
parent 2f2e59fd36
commit 3c48391123
No known key found for this signature in database
GPG Key ID: AAB9FD19C78AA3E0
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
acme4j-utils/src/main/java/org/shredzone/acme4j/util/CSRBuilder.java
View File

@ -54,7 +54,8 @@ import org.shredzone.acme4j.Identifier;
/**
* Generator for a CSR (Certificate Signing Request) suitable for ACME servers.
* <p>
* Requires {@code Bouncy Castle}. This class is part of the {@code acme4j-utils} module.
* Requires {@code Bouncy Castle}. The {@link org.bouncycastle.jce.provider.BouncyCastleProvider}
* must also be added as security provider.
*/
public class CSRBuilder {
private static final String SIGNATURE_ALG = "SHA256withRSA";
@ -256,6 +257,7 @@ public class CSRBuilder {
ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
extensionsGenerator.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
PrivateKey pk = keypair.getPrivate();
@ -319,10 +321,14 @@ public class CSRBuilder {
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append(namebuilder.build());
if (!namelist.isEmpty()) {
sb.append(namelist.stream().collect(joining(",DNS=", ",DNS=", "")));
}
if (!iplist.isEmpty()) {
sb.append(iplist.stream()
.map(InetAddress::getHostAddress)
.collect(joining(",IP=", ",IP=", "")));
}
return sb.toString();
}