Add a note about unable to self-sign

And remove some trailing whitespace from a line in sign_certd
cloudtools · Aug 31, 2019 · 49e2b6a · 49e2b6a
1 parent ba3b60d
commit 49e2b6a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/README.rst b/README.rst
@@ -28,6 +28,10 @@ parameters of the certificate before deciding whether or not to actually
 sign the cert request. The signed certificate is again POSTed back to
 the server where the signature is validated.
 
+Note that a requester may not sign their own request. If a +1 is
+received for a request by the same key as the one in the request then
+the signing request is rejected.
+
 Once enough valid signatures are received the cert request is
 automatically signed using the signing key for the cert authority and
 made available for download by the requester using the request id.

diff --git a/sign_certd.go b/sign_certd.go
@@ -596,7 +596,7 @@ func (h *certRequestHandler) signOrRejectRequest(rw http.ResponseWriter, req *ht
 	// Make sure the key attempting to sign the request is not the same as the key in the CSR
 	if signerFp == requesterFp {
 		err = errors.New("Signed by the same key as key in request")
-		http.Error(rw, fmt.Sprintf("%v", err), http.StatusBadRequest)		
+		http.Error(rw, fmt.Sprintf("%v", err), http.StatusBadRequest)
 		return
 	}