Unable to renew a certificate without a SAN
If a certificate entry has a CN which contains a space, attempting to renew the certificate will result in an error:
- Create an internal CA
- Create an internal certificate with a CN of "space test"
- Click the renew icon for the "space test" certificate
- Click Renew/Reissue
The page displays the following error:
The following input errors were detected:
Error renewing Certificate
#2 Updated by Jim Pingle 2 months ago
- Subject changed from Unable to renew a certificate containing special characters in the CN to Unable to renew a certificate without a SAN
Narrowed it down further. The real problem is that a certificate without a SAN cannot be renewed.
Certificates with a CN that contains special characters and that do not have a manually-entered SAN list result in a certificate without a SAN. This is because those types of CN values cannot be mapped to a valid SAN type. The certificate renewal code was assuming any non-CA certificate entry had at least one SAN.
Fix coming shortly.