use SAN only when requested

2018-05-04 10:45:22 +00:00 · 2018-05-04 10:45:22 +00:00 · 01cdc0e91b
parent 3e2b516f37
commit 01cdc0e91b
1 changed files with 24 additions and 19 deletions
--- a/csr.js
+++ b/csr.js
@ -127,28 +127,33 @@ function createPkcs10Csr(domainKeypair, domains) {
      ]
    });
-    var altNames = new org.pkijs.simpl.GENERAL_NAMES({
+    function addSan() {
-      names: [
+      var altNames = new org.pkijs.simpl.GENERAL_NAMES({
-        new org.pkijs.simpl.GENERAL_NAME({
+        names: [
-          NameType: 2,
+          new org.pkijs.simpl.GENERAL_NAME({
-          Name: domains.join(', DNS:') //"domain1.com, DNS:domain2.com, DNS:domain3.com"
+            NameType: 2,
-        })
+            Name: domains.join(', DNS:') //"domain1.com, DNS:domain2.com, DNS:domain3.com"
-      ]
+          })
-    });
+        ]
      });
-    extensions.extensions_array.push(new org.pkijs.simpl.EXTENSION({
+      extensions.extensions_array.push(new org.pkijs.simpl.EXTENSION({
-      extnID: "2.5.29.17", // subjectAltName
+        extnID: "2.5.29.17", // subjectAltName
-      critical: false,
+        critical: false,
-      extnValue: altNames.toSchema().toBER(false)
+        extnValue: altNames.toSchema().toBER(false)
-    }));
+      }));
-    var attribute = new org.pkijs.simpl.ATTRIBUTE({
+      var attribute = new org.pkijs.simpl.ATTRIBUTE({
-      type: "1.2.840.113549.1.9.14", // pkcs-9-at-extensionRequest
+        type: "1.2.840.113549.1.9.14", // pkcs-9-at-extensionRequest
-      values: [extensions.toSchema()]
+        values: [extensions.toSchema()]
-    });
+      });
-    pkcs10_simpl.attributes.push(attribute);
+      pkcs10_simpl.attributes.push(attribute);
    }
    if (domains.length) {
      addSan();
    }
  });
  // #endregion
@ -183,4 +188,4 @@ CSR.generate = function (options) {
  return createPkcs10Csr(options.keypair, options.domains);
 };
-}(window));
+}(window));