[PSEIP-909] [CIPSEC] Non-conform Create_CSR will fail if all SubjectName fields are empty - Hilscher Ticket

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: V3.8.5.0
Component/s: Core
Labels:
None

Account:
SPC EthernetIp Core (SPCETHERNET)

Description

Discovered by CT20 when the client send a Create_CSR with all parameters set to zero(Empty Subject Name)

Accroding to the CIP specification vol.8 5-5.7.1 Create_CSR:

The Create_CSR service parameters shall be used for the subject distinguished name in the Certificate Request Information. If any of the following items are null (string size of 0), the device shall use the same value as used in its default device certificate:

Common Name

Organization

Organizational Unit

City / Locality

State / County / Region

Country

Email address

Serial number

The current implementation doesn't fill any of the values if it's empty.

Attachments

Expenses

Activity

Status Description

People

Reporter:

Omid Kompani

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

2024-06-18 09:38

Updated:

2024-06-28 14:16

Resolved:

2024-06-25 12:36