Hey 👋🏻
I'm using the new RequestBuilder from #1034 (/cc @baloo), and when I submit the CSR to my CA/RA, it says "error decoding signature bytes".
Here's the CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIIBKzCB2QIBADBbMRAwDgYDVQQDDAdUZXN0IENOMRAwDgYDVQQLDAdUZXN0IE9V
MQ8wDQYDVQQKDAZUZXN0IE8xCzAJBgNVBAYTAlVTMRcwFQYKCZImiZPyLGQBAQwH
dGVzdDEyMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABG35X3bvpU597hzLMuzp
pzA2/Winaetja2HLawhRBA3QY9+hJPNDe5ZZp31nOCobHvvXoDo33BpME+7RU6jS
CJCgHDAaBgkqhkiG9w0BCQcxDRMLcGFzc3dvcmQxMjMwCgYIKoZIzj0EAwIDQQBW
dW5pVyO/PPDICokwFmkAxOIN2+SS0S/oXqIzAE9tiTU9VYM6baduD4uMwbWTKX1U
4ypmFSwiNpqTNxfHrZaM
-----END CERTIFICATE REQUEST-----
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=Test CN, OU=Test OU, O=Test O, C=US/UID=test123
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:6d:f9:5f:76:ef:a5:4e:7d:ee:1c:cb:32:ec:e9:
a7:30:36:fd:68:a7:69:eb:63:6b:61:cb:6b:08:51:
04:0d:d0:63:df:a1:24:f3:43:7b:96:59:a7:7d:67:
38:2a:1b:1e:fb:d7:a0:3a:37:dc:1a:4c:13:ee:d1:
53:a8:d2:08:90
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
challengePassword :password123
Signature Algorithm: ecdsa-with-SHA256
56:75:6e:69:57:23:bf:3c:f0:c8:0a:89:30:16:69:00:c4:e2:
0d:db:e4:92:d1:2f:e8:5e:a2:33:00:4f:6d:89:35:3d:55:83:
3a:6d:a7:6e:0f:8b:8c:c1:b5:93:29:7d:54:e3:2a:66:15:2c:
22:36:9a:93:37:17:c7:ad:96:8c
For comparison, here's the exact same CSR generated by another package/language, which my CA/RA accepts just fine:
-----BEGIN CERTIFICATE REQUEST-----
MIIBMjCB2QIBADBbMRAwDgYDVQQDEwdUZXN0IENOMRAwDgYDVQQLEwdUZXN0IE9V
MQ8wDQYDVQQKEwZUZXN0IE8xCzAJBgNVBAYTAlVTMRcwFQYKCZImiZPyLGQBARMH
dGVzdDEyMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIKpiOJCyfVpfOfIs8zS
aAoolrKOwUJtjxjoSrm56sRdURBqiK2Lpa34Y6+2eF0+cy1/W2wuojhP2rK1QtMx
8zGgHDAaBgkqhkiG9w0BCQcxDRMLcGFzc3dvcmQxMjMwCgYIKoZIzj0EAwIDSAAw
RQIgXn+YbSEJMFDLCHqTKdNbPRyE1XAywUh67i7XQ8ljiy4CIQDqoIgsJkzRNFYA
9AwXniUpUymXo9GqgwCQDRGsRTlnlA==
-----END CERTIFICATE REQUEST-----
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=Test CN, OU=Test OU, O=Test O, C=US/UID=test123
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:82:a9:88:e2:42:c9:f5:69:7c:e7:c8:b3:cc:d2:
68:0a:28:96:b2:8e:c1:42:6d:8f:18:e8:4a:b9:b9:
ea:c4:5d:51:10:6a:88:ad:8b:a5:ad:f8:63:af:b6:
78:5d:3e:73:2d:7f:5b:6c:2e:a2:38:4f:da:b2:b5:
42:d3:31:f3:31
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
challengePassword :password123
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:5e:7f:98:6d:21:09:30:50:cb:08:7a:93:29:d3:
5b:3d:1c:84:d5:70:32:c1:48:7a:ee:2e:d7:43:c9:63:8b:2e:
02:21:00:ea:a0:88:2c:26:4c:d1:34:56:00:f4:0c:17:9e:25:
29:53:29:97:a3:d1:aa:83:00:90:0d:11:ac:45:39:67:94
The only thing noticeably different is that the second signature is a bit longer.
Any help is appreciated! Thanks.
Hey 👋🏻
I'm using the new
RequestBuilderfrom #1034 (/cc @baloo), and when I submit the CSR to my CA/RA, it says "error decoding signature bytes".Here's the CSR:
For comparison, here's the exact same CSR generated by another package/language, which my CA/RA accepts just fine:
The only thing noticeably different is that the second signature is a bit longer.
Any help is appreciated! Thanks.