Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to create a CSR locally with an EKU (a standard x509 v3 extension) #530

Open
ahpala opened this issue Sep 19, 2024 · 0 comments
Open

Ability to create a CSR locally with an EKU (a standard x509 v3 extension) #530

ahpala opened this issue Sep 19, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@ahpala
Copy link

ahpala commented Sep 19, 2024

BUSINESS PROBLEM

We have a use case with a customer who uses VCert in an embedded environment. They need to compose CSR in this environment with x509 Extended Key Usage. Unfortunately the CA in this environment does not have an ability to insert the EKU during signing process (which may be missing the EKU). This results in a signed certificate without EKU extension.

PROPOSED SOLUTION

Enhance ability in VCert for CLI options, as well as the playbook to include EKU as an optional attribute in the CSR.

CURRENT ALTERNATIVES

At present other alternatives are not available as the client environment is an embedded Linux OS with highly restrictive security conditions.

VENAFI EXPERIENCE
@ahpala ahpala added the enhancement New feature or request label Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ahpala