starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-11 22:30:44 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

CSR generated through dehydrated script doesn't contains 'O', 'OU', 'C' parameters #253

New Issue
Closed
opened 2025-12-29 01:20:22 +01:00 by adam · 2 comments
adam commented 2025-12-29 01:20:22 +01:00
Owner
Copy Link

Originally created by @kansal15 on GitHub (Oct 3, 2017).

Hi,

I am using the latest dehydrated script for Let's Encrypt certificate issuance.
I successfully got the SSL cert from LE for my domain through using dehydrated script.

In my certificate, 'Organisation', 'Organisation Unit' and 'Country' attributes was blank. Then i check the same in my CSR and i got to figure out that my CSR doesn't contains the said attributes.

Any way to add those attributes in CSR while processing the certificate request.

Thanks.

Originally created by @kansal15 on GitHub (Oct 3, 2017). Hi, I am using the latest dehydrated script for Let's Encrypt certificate issuance. I successfully got the SSL cert from LE for my domain through using dehydrated script. In my certificate, 'Organisation', 'Organisation Unit' and 'Country' attributes was blank. Then i check the same in my CSR and i got to figure out that my CSR doesn't contains the said attributes. Any way to add those attributes in CSR while processing the certificate request. Thanks.
adam closed this issue 2025-12-29 01:20:24 +01:00
adam commented 2025-12-29 01:20:25 +01:00
Author
Owner
Copy Link

@jobe1986 commented on GitHub (Oct 3, 2017):

It is worth noting LetsEncrypt strips out any fields from the subject identifier other then a commonName (CN) containing the primary host name of the certificate. So even if your CSR contained them, the certificate issued by LetsEncrypt would not.

This is especially given the case that the organization (o) field implies the certificate is an organization validated (OV) certificate which is not a service LetsEncrypt provide.

@jobe1986 commented on GitHub (Oct 3, 2017): It is worth noting LetsEncrypt strips out any fields from the subject identifier other then a commonName (CN) containing the primary host name of the certificate. So even if your CSR contained them, the certificate issued by LetsEncrypt would not. This is especially given the case that the organization (o) field implies the certificate is an organization validated (OV) certificate which is not a service LetsEncrypt provide.
adam commented 2025-12-29 01:20:26 +01:00
Author
Owner
Copy Link

@lukas2511 commented on GitHub (Dec 17, 2017):

Exactly, as @jobe1986 said those fields are not copied over to the certificate, there is no point in setting them. Sorry for the late response.

@lukas2511 commented on GitHub (Dec 17, 2017): Exactly, as @jobe1986 said those fields are not copied over to the certificate, there is no point in setting them. Sorry for the late response.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Complicated
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 suggestions wanted
testing
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/dehydrated#253
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?