From 5dbc2b2fb98ac9dad7fa9dc2d2d2528a5cca574b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20K=C3=B6rfgen?= Date: Thu, 16 Nov 2023 02:26:12 +0100 Subject: [PATCH 1/3] Added support for DNS Names (domain names) longer than 64 chars https://community.letsencrypt.org/t/simplifying-issuance-for-very-long-domain-names/207924 --- src/ACMECert.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/ACMECert.php b/src/ACMECert.php index b179b49..96a20b0 100644 --- a/src/ACMECert.php +++ b/src/ACMECert.php @@ -333,7 +333,11 @@ public function generateCSR($domain_key_pem,$domains){ } $fn=$this->tmp_ssl_cnf($domains); - $dn=array('commonName'=>reset($domains)); + $cn=reset($domains); + $dn=array(); + if (strlen($cn)<=64){ + $dn['commonName']=$cn; + } $csr=openssl_csr_new($dn,$domain_key,array( 'config'=>$fn, 'req_extensions'=>'SAN', From 901e25037d9e2f54cbaae95badd42a22ea7c4036 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20K=C3=B6rfgen?= Date: Fri, 17 Nov 2023 19:23:27 +0100 Subject: [PATCH 2/3] version & readme updated --- README.md | 4 ++-- composer.json | 2 +- src/ACMEv2.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b403e7b..c0cd688 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # ACMECert PHP client library for [Let's Encrypt](https://letsencrypt.org/) and other [ACME v2 - RFC 8555](https://tools.ietf.org/html/rfc8555) compatible Certificate Authorities. -Version: 3.3.0 +Version: 3.3.1 ## Description @@ -613,7 +613,7 @@ public string ACMECert::getCertificateChain ( mixed $pem, array $domain_config, > > An Array defining the domains and the corresponding challenge types to get a certificate for. > -> The first one is used as `Common Name` for the certificate. +> The first domain name in the array is used as `Common Name` for the certificate if does not exceed 64 characters, otherwise the `Common Name` field will be empty. > > Here is an example structure: > ```php diff --git a/composer.json b/composer.json index bd6b644..2dbc324 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { "name": "skoerfgen/acmecert", - "version": "3.3.0", + "version": "3.3.1", "description": "PHP client library for Let's Encrypt and other ACME v2 - RFC 8555 compatible Certificate Authorities", "license": "MIT", "authors": [ diff --git a/src/ACMEv2.php b/src/ACMEv2.php index cddb88e..f6899d6 100644 --- a/src/ACMEv2.php +++ b/src/ACMEv2.php @@ -309,7 +309,7 @@ private function http_request($url,$data=null){ } $method=$data===false?'HEAD':($data===null?'GET':'POST'); - $user_agent='ACMECert v3.3.0 (+https://github.com/skoerfgen/ACMECert)'; + $user_agent='ACMECert v3.3.1 (+https://github.com/skoerfgen/ACMECert)'; $header=($data===null||$data===false)?array():array('Content-Type: application/jose+json'); if ($this->ch) { $headers=array(); From b6fa5f1e58cd5513e10406d87212cdca839ad3af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20K=C3=B6rfgen?= Date: Thu, 23 Nov 2023 19:26:52 +0100 Subject: [PATCH 3/3] Updated README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c0cd688..e75d5af 100644 --- a/README.md +++ b/README.md @@ -613,7 +613,7 @@ public string ACMECert::getCertificateChain ( mixed $pem, array $domain_config, > > An Array defining the domains and the corresponding challenge types to get a certificate for. > -> The first domain name in the array is used as `Common Name` for the certificate if does not exceed 64 characters, otherwise the `Common Name` field will be empty. +> The first domain name in the array is used as `Common Name` for the certificate if it does not exceed 64 characters, otherwise the `Common Name` field will be empty. > > Here is an example structure: > ```php