Closed
Description
openedon Oct 23, 2020
In track 2 setting certificate properties via CertificatePolicy
requires passing an issuer, when in track 1 that was not required.
To support import, define a default constructor but leave Issuer
, Subject
, and SubjectAlternativeNames
read-only properties. The parameters in existing constructors should also continue to be asserted. issuer
is optional during import, and subject
is ignored - obtained from the X509 certificate anyway. We could also loosen restrictions in the future if needs be.
To note: if we did loosen restrictions later and allowed subject or SAN to be null, the service does return a pretty descriptive error that would help customers diagnose the issue:
{
"error": {
"code": "BadParameter",
"message": "Either subjectName or san must be present"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment