Test TestRegistry_AddClient_UpdatesClientPKChecksum must compare private key with a checksum

Signed-off-by: vidarno <>

pkg/acme/accounts/registry_test.go

@@ -17,6 +17,9 @@ limitations under the License.
 package accounts
 
 import (
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
 	"net/http"
 	"testing"
 
@@ -157,6 +160,10 @@ func TestRegistry_AddClient_UpdatesClientPKChecksum(t *testing.T) {
 		t.Fatal(err)
 	}
 
+	pkBytes := x509.MarshalPKCS1PrivateKey(pk)
+	pkChecksum := sha256.Sum256(pkBytes)
+	pkChecksumString := base64.StdEncoding.EncodeToString(pkChecksum[:])
+
 	// Register a new client
 	r.AddClient(http.DefaultClient, "abc", cmacme.ACMEIssuer{}, pk, "cert-manager-test")
 	l := r.ListClients()
@@ -164,12 +171,12 @@ func TestRegistry_AddClient_UpdatesClientPKChecksum(t *testing.T) {
 		t.Errorf("expected ListClients to have 1 item but it has %d", len(l))
 	}
 
-	isCached := r.IsKeyCheckSumCached("abc", pk)
+	isCached := r.IsKeyCheckSumCached(pkChecksumString, pk)
 	if isCached == false {
 		t.Fatal("checksum failed for same key")
 	}
 
-	isCached = r.IsKeyCheckSumCached("abc", pk2)
+	isCached = r.IsKeyCheckSumCached(pkChecksumString, pk2)
 	if isCached == true {
 		t.Fatal("checksum reported same for different keys")
 	}