Page MenuHomeVyOS Platform
Create Task
Maniphest T6259

PKI: Support RFC822 (email) names in SAN
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

Add the ability to specific RFC822 (email) names as Subject Alternative Names in x509 certificates generated via the PKI system.
Example of potential implementation below:

vyos@vyos:~$ generate pki certificate self-signed
Enter private key type: [rsa, dsa, ec] (Default: rsa) rsa
...
Do you want to configure Subject Alternative Names? [y/N] y
Enter alternative names in a comma separate list, example: ipv4:1.1.1.1,ipv6:fe80::1,dns:vyos.net,rfc822:[email protected]
Enter Subject Alternative Names: rfc822:[email protected],dns:example.vyos.net
Enter how many days certificate will be valid: (Default: 365) 365
...

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Improvement (missing useful functionality)

Event Timeline

Embezzle claimed this task.Mon, Apr 22, 8:36 PM
Embezzle created this task.
Embezzle changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
Embezzle changed the task status from Open to In progress.Mon, Apr 22, 9:23 PM

PR: https://github.com/vyos/vyos-1x/pull/3345

Viacheslav triaged this task as Normal priority.Tue, Apr 23, 7:00 AM
pasik added a subscriber: pasik.Tue, Apr 23, 7:26 AM
c-po moved this task from Need Triage to In Progress on the VyOS 1.5 Circinus board.Wed, Apr 24, 5:44 AM
Embezzle closed this task as Resolved.Fri, Apr 26, 6:03 PM

Tested as working in: VyOS 1.5-rolling-202404250020