I wrote a client based on reading multiple clients instead of docs. Because of that, I made a mistake – but that mistake works on the staging server (I haven’t used the full server yet).
The issue: according to specs shared on this forum when submitting a CSR for multiple
domains, the “subject” should be
domains and the “subjectAlternativeNames” should be
domains (and that the domain must appear in subjectAlternativeNames)
My code was submitting an empty subject ("/’), yet still being signed.
The subject then appears as the serial number . in text view it appears as the serial without the colons:
Serial Number: fa:65:0e:03:50:b5:98:e2:37:3f:97:33:62:30:8d:ff:e6:80 Subject: serialNumber=fa650e0350b598e2373f973362308dffe680
Based on my understanding, should the acme signing authority reject the certificate because it does not have a domain in the subject?