Hello,
I’m trying to send my “openssl” generated csr to get signed by my vault PKI server.
Using this guide as a reference, I’ve created a “.csr” file in pem formt, turned it into a json file with the “csr” key holding the pem string as it’s value,
and sent it using the command:
curl --header "X-Vault-Token: <...>" --request POST --data "@onap-csm.json" $VAULT_ADDR/v1/onap-csm-pki1/sign/onap-csm-rule
The response I get:
{"errors":["certificate request could not be parsed: asn1: structure error: integer too large"]}
Please, help me understand:
Were this error is coming from? is it from the client or the server?
What can I do to overcome this issue?
json and csr content attached:
-----BEGIN CERTIFICATE-----
MIICDjCCAXcCFDdggihIV76qqGi2wdwK83mGfIR2MA0GCSqGSIb3DQEBCwUAMEYx
CzAJBgNVBAYTAklMMQ4wDAYDVQQKDAVMaXZlVTEYMBYGA1UEAwwPZm9vLmV4YW1w
bGUub3JnMQ0wCwYDVQQLDARCb3NzMB4XDTIyMTEyNzA2NDU1OVoXDTIyMTIyNzA2
NDU1OVowRjELMAkGA1UEBhMCSUwxDjAMBgNVBAoMBUxpdmVVMRgwFgYDVQQDDA9m
b28uZXhhbXBsZS5vcmcxDTALBgNVBAsMBEJvc3MwgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBALfesVxDeBpPJMRqUowKw4O8vOdwXjfgkz8afzL+XEVhWmQNf20B
USqlsoe4re4Zk3Dk/CCt9Ag/PuDct2ZS3f8+FzzaPrJKhC8vE12QhKRE9A+jvMPq
Xv2VwXtMdJp8xUDqNQyqBl5YRLqmad+62arVby+DdRGqILx7WaRrwi5XAgMBAAEw
DQYJKoZIhvcNAQELBQADgYEArvN6oHSkkhoTBmZJUCLFWuN88fEA7kfAH7xr9JLQ
oDL2ZPB+69Si7c2EM3dA/+zPTSiNXE4bcpAk0jHOsvIXsEELN/3kuu4cGBZZiLn+
+7pUB4QFU0A4G5aOBqCsQ0qwspT11c2Z1rU31/1r1yPfQrHNPcu+erb64lsPu/7Y
PGQ=
-----END CERTIFICATE-----
{
"csr" : "-----BEGIN CERTIFICATE-----\nMIICDjCCAXcCFDdggihIV76qqGi2wdwK83mGfIR2MA0GCSqGSIb3DQEBCwUAMEYxCzAJBgNVBAYTAklMMQ4wDAYDVQQKDAVMaXZlVTEYMBYGA1UEAwwPZm9vLmV4YW1wbGUub3JnMQ0wCwYDVQQLDARCb3NzMB4XDTIyMTEyNzA2NDU1OVoXDTIyMTIyNzA2NDU1OVowRjELMAkGA1UEBhMCSUwxDjAMBgNVBAoMBUxpdmVVMRgwFgYDVQQDDA9mb28uZXhhbXBsZS5vcmcxDTALBgNVBAsMBEJvc3MwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALfesVxDeBpPJMRqUowKw4O8vOdwXjfgkz8afzL+XEVhWmQNf20BUSqlsoe4re4Zk3Dk/CCt9Ag/PuDct2ZS3f8+FzzaPrJKhC8vE12QhKRE9A+jvMPqXv2VwXtMdJp8xUDqNQyqBl5YRLqmad+62arVby+DdRGqILx7WaRrwi5XAgMBAAEwDQYJKoZIhvcNAQELBQADgYEArvN6oHSkkhoTBmZJUCLFWuN88fEA7kfAH7xr9JLQoDL2ZPB+69Si7c2EM3dA/+zPTSiNXE4bcpAk0jHOsvIXsEELN/3kuu4cGBZZiLn++7pUB4QFU0A4G5aOBqCsQ0qwspT11c2Z1rU31/1r1yPfQrHNPcu+erb64lsPu/7YPGQ=\n-----END CERTIFICATE-----"
}
Thanks,
Maor