Info: MSCA Pool CSR does not include SAN entries

Applies To:

All versions of TPP up to 22.2



When you submit a certificate request to an MSCA Pool template in Venafi, the downloadable CSR generated for the certificate does not include the SAN entry, even though the SAN entry IS included in the certificate.

If you submit the same certificate request to any of the CA templates IN the pool, the CSR will include the SAN.



This is by design.  The SAN is submitted separately when submitting to an MSCA Pool so the CSR will not include any SAN entries.



There is a support tab option you have to enable the SAN to be included in the CSR.  It is a support edit on every MSCA pool template (not available at the policy level).  You'll need to get Venafi Support to generate you a support key so you can turn this on.

Was this article helpful?
0 out of 0 found this helpful