--cert-name option truncates name when a dash is used?


#1

When i try to generate a certificate for one of our customers, it is truncating the certifcate name.

I understand this is supposed to only be used for “book-keeping”, but the system we have built around certbot uses this certificate name to reverse look-up our customer. It’s a nasty bug that would be difficult to work around.

A stripped down version of the command used:

$ certbot certonly --cert-name 'example-site' -d 'subdomain.example.com'

The generation process works just fine, but the name field in certbot certificates is then truncated to just example.

We’re running

$ certbot --version
certbot 0.19.0

On Fedora 25 installed from the repos.


I’ve gone through the open github issues (searching for name and cert-name and --cert-name does not help with filtering). And the “Your topic is similar to…” does not contain anything like the problem.

Is this a known bug?
Is this a new bug? Should i open a GH issue?


#2

Hi @djmetzle,

That’s an interesting issue. I just tried to replicate this with our current development version and I was unable to. Would you be able to try this with a newer version of Certbot to see if you still have the same problem?


#3

Thanks for the reply @schoen!

We do not have a newer version of certbot available from the Fedora 25 repositories.

It appears that we can bypass the problem by regexing dashes to underscores in our customer names. The version we are running does not truncate the name if we use underscores.


#4

Right, you would probably have to use certbot-auto to install it outside of the repository.

Are you sure that the character used was a hyphen (-) and not some kind of Unicode dash (such as – or —)?


#5

Right, you would probably have to use certbot-auto to install it outside of the repository.

I think we’d prefer not to install from outside our repos.

Are you sure that the character used was a hyphen (-) and not some kind of Unicode dash (such as – or —)?

Just double checked. ‘2D’ ascii hyphen.


#6

I’m not really familiar with any previous bug that might have caused this behavior, but I haven’t been able to replicate it myself in the most current version of Certbot. Would you like to share a log file from /var/log/letsencrypt that shows the process that included the buggy behavior?


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.