Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PF PKI Allow multiple certs to be created with the same CN #8182

Open
robbel1 opened this issue Jun 17, 2024 · 1 comment
Open

PF PKI Allow multiple certs to be created with the same CN #8182

robbel1 opened this issue Jun 17, 2024 · 1 comment
Assignees
@fdurand
Labels
Type: Feature / Enhancement

Comments

@robbel1
Copy link

robbel1 commented Jun 17, 2024

When deploying certificates via SCEP get the following message when common name isn't unique.
"failed to sign CSR" err="Certificate with this Subject already exist:"

We would like to be able to issue multiple certs to client devices via Intune SCEP for Windows and MacOS and Google Workspace for Chromebooks. The CN is set to UPN or user email but if a user signs into a second device no certifcate is issued, as a workaround we have set the CN to be UPN or email + device serial number but this is still an issue as if the device gets wiped or the chromebook user profile is removed no new user or device certs are issued until the old ones are revoked.
@fdurand
Copy link
Member

fdurand commented Jun 18, 2024

This have to be reworked in the code/db since cn is the unique key.

@fdurand fdurand self-assigned this Jun 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fdurand fdurand

Labels
Type: Feature / Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fdurand @robbel1