In some of my cases, RSA-PSS is required.
Just an example:
When I submit such a RSA-PSS csr, I got a “Internal error” from letsencrypt.
Hi, @cpu
do you have any comments.
thanks.
Can you share the CSR and the account ID you were testing with?
I generate the CSR from here:
And here is the csr I just used:
-----BEGIN CERTIFICATE REQUEST-----
MIIC0TCCAYUCAQAwKDEmMAkGA1UEBhMCVVMwGQYDVQQDDBJ0ZXN0ZG9ja2VyLmFj
bWUuc2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ0/GmXKlWgNkh
un8t//rAMh//2B302q76r95YpKj6QlIUaHswmI6MgKCsFybhRxaAF44kQ8EPMbwA
otJK/kPdZ7H0o6s2KEgGNfUQ4OeCuiyrgdtcEYJnY/JhIcAYvMMPi1a+4CWKdRfH
860FpqYmZYPg+9mgsytNvZQvH0biH2Vj2FcppmutvcwhKoXZzBsmFWxAd9TuL60t
8NO59YcF8rNg70/M0+tO6ClaIahh1YfF1J0Q8tduFT8h6nekWhoWwNB/RdH4EtTN
d1NnmKtNBkuiGRW1yNCbxryTErRHoNdRNlwLIrtcaVHWByg7b6xpJ3NrQGq7Eg2j
VSFZG8X1AgMBAAGgMDAuBgkqhkiG9w0BCQ4xITAfMB0GA1UdDgQWBBQkOXh8zqsU
nB2KixdBSddlY4gH/DBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRww
GgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggEBAIh7q27z/OYWFGGW
5OBnHqQDLTacyLBfROwd9dwUS3A3XfeJw258S/18mHL2fM7v1WlcL4zHBv73BXgw
CRGvq7DZ400CyfeHrqx/r0IupD7AACawRUYPeOD/dLObTSRj1yi/WaYpRU5CZyim
zyAs7oy2zaCjX6MAAHJBGY9evwF6uPQGdfhS1TzcWtM30vhsBVJ3nQdY/5hq89aD
uB6v5Z8vKwuVGbh9Ti5mqxcvtktSUZ+7xDQFh2KG9Tine6+fAIe4ui7boBAwortJ
+AO2f9jpLlcXYJLd66iNNKNCZWXpDHehIsuTJdVVxayY9924q003urpjk0LiDAQi
SJBo1Eg=
-----END CERTIFICATE REQUEST-----
And I got an error from the staging server in the last “new-cert” request:
{
"type": "urn:acme:error:serverInternal",
"detail": "Error creating new cert",
"status": 500
}
yes, here is the account id: 2779299
1 Like
We don’t currently support RSA-PSS for CSRs (or, incidentally, certs, but this issue is about CSRs):
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.