When i try to generate a certificate for one of our customers, it is truncating the certifcate name.
I understand this is supposed to only be used for “book-keeping”, but the system we have built around certbot uses this certificate name to reverse look-up our customer. It’s a nasty bug that would be difficult to work around.
The generation process works just fine, but the name field in certbot certificates is then truncated to just example.
We’re running
$ certbot --version
certbot 0.19.0
On Fedora 25 installed from the repos.
I’ve gone through the open github issues (searching for name and cert-name and --cert-name does not help with filtering). And the “Your topic is similar to…” does not contain anything like the problem.
Is this a known bug?
Is this a new bug? Should i open a GH issue?
That’s an interesting issue. I just tried to replicate this with our current development version and I was unable to. Would you be able to try this with a newer version of Certbot to see if you still have the same problem?
We do not have a newer version of certbot available from the Fedora 25 repositories.
It appears that we can bypass the problem by regexing dashes to underscores in our customer names. The version we are running does not truncate the name if we use underscores.
I’m not really familiar with any previous bug that might have caused this behavior, but I haven’t been able to replicate it myself in the most current version of Certbot. Would you like to share a log file from /var/log/letsencrypt that shows the process that included the buggy behavior?