MatchesCSR tests the contents of a generated certificate to make sure that the PublicKey, CommonName, and DNSNames match those provided in the CSR that was used to generate the certificate. It also checks that:

* notBefore is not more than 24 hours ago
* BasicConstraintsValid is true
* IsCA is false
* ExtKeyUsage only contains ExtKeyUsageServerAuth & ExtKeyUsageClientAuth
* Subject only contains CommonName & Names
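
The checks listed above, written out as an added Go example on top of the standard library's `crypto/x509`; it is not the code this comment documents. The function name, the error strings, the byte-wise SubjectPublicKeyInfo comparison, the order-insensitive DNSNames comparison and the reading of the ExtKeyUsage rule as "no usage other than these two" are assumptions.

```go
package main

import (
	"bytes"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"reflect"
	"sort"
	"time"
)

// matchesCSR (hypothetical name) checks a parsed certificate against the parsed CSR it was issued from.
func matchesCSR(cert *x509.Certificate, csr *x509.CertificateRequest, now time.Time) error {
	got, want := append([]string{}, cert.DNSNames...), append([]string{}, csr.DNSNames...)
	sort.Strings(got) // compare SANs as sets: order in the certificate may differ
	sort.Strings(want)
	ekuOK := true // assumption: any usage other than server/client auth fails
	for _, eku := range cert.ExtKeyUsage {
		ekuOK = ekuOK && (eku == x509.ExtKeyUsageServerAuth || eku == x509.ExtKeyUsageClientAuth)
	}
	rest := cert.Subject // copy; blank the permitted fields, the rest must be empty
	rest.CommonName, rest.Names = "", nil
	checks := []struct {
		ok  bool
		msg string
	}{
		{bytes.Equal(cert.RawSubjectPublicKeyInfo, csr.RawSubjectPublicKeyInfo), "public key differs from CSR"},
		{cert.Subject.CommonName == csr.Subject.CommonName, "CommonName differs from CSR"},
		{reflect.DeepEqual(got, want), "DNSNames differ from CSR"},
		{now.Sub(cert.NotBefore) <= 24*time.Hour, "notBefore is more than 24 hours ago"},
		{cert.BasicConstraintsValid && !cert.IsCA, "BasicConstraintsValid is false or IsCA is true"},
		{ekuOK, "ExtKeyUsage has a usage other than server/client auth"},
		{reflect.DeepEqual(rest, pkix.Name{}), "Subject has fields beyond CommonName"},
	}
	for _, c := range checks {
		if !c.ok {
			return errors.New(c.msg)
		}
	}
	return nil
}

func main() { // constructed in-memory sample (no real key material): the CA flag is rejected
	csr := &x509.CertificateRequest{Subject: pkix.Name{CommonName: "example.com"}}
	cert := &x509.Certificate{Subject: csr.Subject, NotBefore: time.Now(), BasicConstraintsValid: true, IsCA: true}
	fmt.Println(matchesCSR(cert, csr, time.Now()))
}
```

Running a comparison like this on the certificate after signing, against the original CSR, catches a template or profile error before the certificate is released to the requester.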

