diff --git a/authority/provisioner/scep.go b/authority/provisioner/scep.go index a48d11cce..4d087de36 100644 --- a/authority/provisioner/scep.go +++ b/authority/provisioner/scep.go @@ -9,6 +9,7 @@ import ( "encoding/pem" "fmt" "net/http" + "strings" "time" "github.com/pkg/errors" @@ -152,7 +153,7 @@ func (c *challengeValidationController) Validate(ctx context.Context, csr *x509. if err != nil { return fmt.Errorf("failed creating new webhook request: %w", err) } - req.ProvisionerName = provisionerName + req.ProvisionerName = strings.ToLower(provisionerName) req.SCEPChallenge = challenge req.SCEPTransactionID = transactionID resp, err := wh.DoWithContext(ctx, c.client, req, nil) // TODO(hs): support templated URL? Requires some refactoring diff --git a/authority/provisioner/scep_test.go b/authority/provisioner/scep_test.go index 87bd885ca..1b4ca1d86 100644 --- a/authority/provisioner/scep_test.go +++ b/authority/provisioner/scep_test.go @@ -242,9 +242,10 @@ func TestSCEP_ValidateChallenge(t *testing.T) { Raw: []byte{1}, } type request struct { - Request *webhook.X509CertificateRequest `json:"x509CertificateRequest,omitempty"` - Challenge string `json:"scepChallenge"` - TransactionID string `json:"scepTransactionID"` + ProvisionerName string `json:"provisionerName,omitempty"` + Request *webhook.X509CertificateRequest `json:"x509CertificateRequest,omitempty"` + Challenge string `json:"scepChallenge"` + TransactionID string `json:"scepTransactionID"` } type response struct { Allow bool `json:"allow"` @@ -253,6 +254,7 @@ func TestSCEP_ValidateChallenge(t *testing.T) { req := &request{} err := json.NewDecoder(r.Body).Decode(req) require.NoError(t, err) + assert.Equal(t, "scep", req.ProvisionerName) assert.Equal(t, "webhook-challenge", req.Challenge) assert.Equal(t, "webhook-transaction-1", req.TransactionID) if assert.NotNil(t, req.Request) {