commit 9c4db5c

kxd: Use standard representation for cert name

author	Alberto Bertogli <albertito@blitiri.com.ar> 2025-01-12 14:37:22 UTC
committer	Alberto Bertogli <albertito@blitiri.com.ar> 2025-01-12 14:37:22 UTC
parent	d638384c29167d949ea7afb1e0d8a0f2e7a5bcec

kxd: Use standard representation for cert name

When logging certificate subject (for human reference), today we only
print the organizational unit. That may be too brief for some certs, and
make troubleshooting more difficult.

This patch changes the logic to use the RFC 2253 standard representation
for RDN sequences, which is much more comprehensive and common, while
still being reasonably compact for logging purposes.

kxd/kxd.go

-2

diff --git a/kxd/kxd.go b/kxd/kxd.go
index 07f141e..ac936bc 100644
--- a/kxd/kxd.go
+++ b/kxd/kxd.go
@@ -93,9 +93,9 @@ func (req *Request) KeyPath() (string, error) {
 
 func certToString(cert *x509.Certificate) string {
 	return fmt.Sprintf(
-		"(0x%.8s ou:%s)",
+		"(0x%.8s %s)",
 		fmt.Sprintf("%x", cert.Signature),
-		cert.Subject.OrganizationalUnit)
+		cert.Subject.ToRDNSequence())
 }
 
 // ChainToString makes a human-readable string out of the given certificate