Comments

letsencrypt · Jul 30, 2024 · 17a201a · 17a201a
1 parent 284c814
commit 17a201a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/ca/ca.go b/ca/ca.go
@@ -208,19 +208,19 @@ func makeCertificateProfilesMap(defaultName string, profiles map[string]issuance
 		}
 		hash := sha256.Sum256(encodedProfile.Bytes())
 
-		cpwid := certProfileWithID{
+		withID := certProfileWithID{
 			name:    name,
 			hash:    hash,
 			profile: profile,
 		}
 
-		profilesByName[name] = &cpwid
+		profilesByName[name] = &withID
 
 		_, found := profilesByHash[hash]
 		if found {
 			return certProfilesMaps{}, fmt.Errorf("duplicate certificate profile hash %d", hash)
 		}
-		profilesByHash[hash] = &cpwid
+		profilesByHash[hash] = &withID
 	}
 
 	return certProfilesMaps{defaultName, profilesByHash, profilesByName}, nil

diff --git a/ra/ra.go b/ra/ra.go
@@ -766,11 +766,11 @@ func (ra *RegistrationAuthorityImpl) matchesCSR(parsedCertificate *x509.Certific
 	}
 	for _, eku := range parsedCertificate.ExtKeyUsage {
 		if eku != x509.ExtKeyUsageServerAuth && eku != x509.ExtKeyUsageClientAuth {
-			return berrors.InternalServerError("generated certificate doesn't have correct key usage extensions")
+			return berrors.InternalServerError("generated certificate has unacceptable EKU")
 		}
 	}
 	if !slices.Contains(parsedCertificate.ExtKeyUsage, x509.ExtKeyUsageServerAuth) {
-		return berrors.InternalServerError("generated certificate doesn't have correct key usage extensions")
+		return berrors.InternalServerError("generated certificate doesn't have serverAuth EKU")
 	}
 
 	return nil