forked from TrueCloudLab/certificates
Add email SAN with email parameter in the JWK
This commit is contained in:
parent
602a42813c
commit
5ce5a891f7
1 changed files with 5 additions and 0 deletions
|
@ -446,7 +446,11 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
|
|||
return nil, nil, errors.Wrap(err, "error generating key")
|
||||
}
|
||||
|
||||
var emails []string
|
||||
dnsNames, ips := x509util.SplitSANs(claims.SANs)
|
||||
if claims.Email != "" {
|
||||
emails = append(emails, claims.Email)
|
||||
}
|
||||
|
||||
template := &x509.CertificateRequest{
|
||||
Subject: pkix.Name{
|
||||
|
@ -455,6 +459,7 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
|
|||
SignatureAlgorithm: x509.ECDSAWithSHA256,
|
||||
DNSNames: dnsNames,
|
||||
IPAddresses: ips,
|
||||
EmailAddresses: emails,
|
||||
}
|
||||
|
||||
csr, err := x509.CreateCertificateRequest(rand.Reader, template, pk)
|
||||
|
|
Loading…
Reference in a new issue