Fix the SCT header return value from the API to base64 encode it.

I don't actually know what's correct here - but the current client expects it to be base64 encoded. We could keep it "raw", but then we have to fix the client that's currently in cosign. Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>
sigstore · Dec 21, 2021 · 47a0939 · 47a0939
1 parent d77d444
commit 47a0939
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/api/ca.go b/pkg/api/ca.go
@@ -203,7 +203,7 @@ func signingCert(w http.ResponseWriter, req *http.Request) {
 	}
 
 	// Set the SCT and Content-Type headers, and then respond with a 201 Created.
-	w.Header().Add("SCT", string(sctBytes))
+	w.Header().Add("SCT", base64.StdEncoding.EncodeToString(sctBytes))
 	w.Header().Add("Content-Type", "application/pem-certificate-chain")
 	w.WriteHeader(http.StatusCreated)
 	// Write the PEM encoded certificate chain to the response body.