forked from TrueCloudLab/certificates
Add email SAN with email parameter in the JWK
This commit is contained in:
Mariano Cano
parent
602a42813c
commit
5ce5a891f7
1 changed files with 5 additions and 0 deletions
|
|
@ -446,7 +446,11 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
|
||||||
return nil, nil, errors.Wrap(err, "error generating key")
|
return nil, nil, errors.Wrap(err, "error generating key")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var emails []string
|
||||||
dnsNames, ips := x509util.SplitSANs(claims.SANs)
|
dnsNames, ips := x509util.SplitSANs(claims.SANs)
|
||||||
|
if claims.Email != "" {
|
||||||
|
emails = append(emails, claims.Email)
|
||||||
|
}
|
||||||
|
|
||||||
template := &x509.CertificateRequest{
|
template := &x509.CertificateRequest{
|
||||||
Subject: pkix.Name{
|
Subject: pkix.Name{
|
||||||
|
|
@ -455,6 +459,7 @@ func CreateSignRequest(ott string) (*api.SignRequest, crypto.PrivateKey, error)
|
||||||
SignatureAlgorithm: x509.ECDSAWithSHA256,
|
SignatureAlgorithm: x509.ECDSAWithSHA256,
|
||||||
DNSNames: dnsNames,
|
DNSNames: dnsNames,
|
||||||
IPAddresses: ips,
|
IPAddresses: ips,
|
||||||
|
EmailAddresses: emails,
|
||||||
}
|
}
|
||||||
|
|
||||||
csr, err := x509.CreateCertificateRequest(rand.Reader, template, pk)
|
csr, err := x509.CreateCertificateRequest(rand.Reader, template, pk)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue