Unable to sign a CSR that contains multiple alt_names #553

New Issue

adam · 2025-12-29T01:27:10+01:00

adam commented

2025-12-29 01:27:10 +01:00

Originally created by @Maanya-S on GitHub (Nov 14, 2021).

I have generated a CSR using the following config file - csr.conf.txt
(has 2 alt names).

This is the CSR that was generated - example.csr.txt

When I try to sign this csr, I am getting this error:

 user:/dehydrated # ./dehydrated/dehydrated --signcsr ./trial.csr
 INFO: Using main config file /dehydrated/config
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + ERROR: An error occurred while sending post-request to
     https://localhost:8282/acme/abcdef_support@abc.com/authz/MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, (Status 400)       
     Details:
     HTTP/2 400
     cache-control: no-store
     content-type: application/problem+json
     link: <https://localhost:8282/acme/abcde_support@abc.com/directory>;rel="index"
     replay-nonce: bE56VTZEbjFTT2kyZ01vUGJTenoxVEZkZWpoaEhuQno
     content-length: 199
     date: Fri, 05 Nov 2021 05:54:12 GMT
     {"type":"urn:ietf:params:acme:error:malformed","detail":"authz MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, not found: key \u000b\u0000acme_authzs!\u0000MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, not found: not found"}

However when I try the same thing with just one alt name at a time in the config file like this - csr2.conf.txt , it works fine.
Is this feature of adding multiple alt_names supported? And if it is, please let me know how I can make it work.

Originally created by @Maanya-S on GitHub (Nov 14, 2021). I have generated a CSR using the following config file - [csr.conf.txt](https://github.com/dehydrated-io/dehydrated/files/7533932/csr.conf.txt) (has 2 alt names). This is the CSR that was generated - [example.csr.txt](https://github.com/dehydrated-io/dehydrated/files/7533940/example.csr.txt) When I try to sign this csr, I am getting this error: user:/dehydrated # ./dehydrated/dehydrated --signcsr ./trial.csr INFO: Using main config file /dehydrated/config + Requesting new certificate order from CA... + Received 1 authorizations URLs from the CA + ERROR: An error occurred while sending post-request to https://localhost:8282/acme/abcdef_support@abc.com/authz/MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, (Status 400) Details: HTTP/2 400 cache-control: no-store content-type: application/problem+json link: <https://localhost:8282/acme/abcde_support@abc.com/directory>;rel="index" replay-nonce: bE56VTZEbjFTT2kyZ01vUGJTenoxVEZkZWpoaEhuQno content-length: 199 date: Fri, 05 Nov 2021 05:54:12 GMT {"type":"urn:ietf:params:acme:error:malformed","detail":"authz MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, not found: key \u000b\u0000acme_authzs!\u0000MAqR1vA3sT5f3V5ww1k4iqvmU1VlL5a0, not found: not found"} However when I try the same thing with just one alt name at a time in the config file like this - [csr2.conf.txt](https://github.com/dehydrated-io/dehydrated/files/7533946/csr2.conf.txt) , it works fine. Is this feature of adding multiple alt_names supported? And if it is, please let me know how I can make it work.

adam closed this issue

2025-12-29 01:27:10 +01:00

adam commented

2025-12-29 01:27:10 +01:00

@lukas2511 commented on GitHub (Nov 16, 2021):

Can you check if this works with the latest release version of dehydrated? I think I might have broken a few things when I tried to clean up the code for shellcheck... I really need to get working on the automated testing system for stuff like this...

@lukas2511 commented on GitHub (Nov 16, 2021): Can you check if this works with the latest release version of dehydrated? I think I might have broken a few things when I tried to clean up the code for shellcheck... I really need to get working on the automated testing system for stuff like this...

adam referenced this issue

2025-12-29 01:29:43 +01:00

[PR #553] [CLOSED] Move hook challenge deployment into loop #863

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#553