Hi,
I’m seeing the following error in the Mender Client
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"[https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\"](https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\%22), Err:x509.HostnameError{Certificate:(*x509.Certificate)(0x2862dc0), Host:\"rufilla.octopus.mender.com\"}}"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"[https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\"](https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\%22), Err:x509.HostnameError{Certificate:(*x509.Certificate)(0x2862dc0), Host:\"rufilla.octopus.mender.com\"}}"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Authorization request error: x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post \"[https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\":](https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\%22:) x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=info msg="State transition: authorize [Sync] -> authorize-wait [Idle]"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Authorization request error: x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
Dec 07 18:52:00 dlink-g300-mt7688an mender[362]: time="2020-12-07T18:52:00Z" level=error msg="Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post \"[https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\":](https://rufilla.octopus.mender.com/api/devices/v1/authentication/auth_requests\%22:) x509: certificate relies on legacy Common Name field, use SANs or temporarily enable Common Name matching with GODEBUG=x509ignoreCN=0"
I’m using Yocto version gatesgarth and the go version is
2.3.1-r0$ ./recipe-sysroot-native/usr/bin/go version
go version go1.15.2 linux/amd64
And looking on the internet I see that support for CN is dropped in this version of GO.
https://github.com/golang/go/issues/39568
Are there plans to update the keygen script to use SAN instead of the CN?
Best Regards,
Martin.