From 616a41ac8fb6bd6fc3ff89c671bd31e96baf852f Mon Sep 17 00:00:00 2001
From: vidarno <>
Date: Wed, 3 May 2023 22:17:03 +0200
Subject: [PATCH] Test TestRegistry_AddClient_UpdatesClientPKChecksum must
 compare private key with a checksum

Signed-off-by: vidarno <>
---
 pkg/acme/accounts/registry_test.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/pkg/acme/accounts/registry_test.go b/pkg/acme/accounts/registry_test.go
index 045dcd6c6..d4aa7dc9c 100644
--- a/pkg/acme/accounts/registry_test.go
+++ b/pkg/acme/accounts/registry_test.go
@@ -17,6 +17,9 @@ limitations under the License.
 package accounts
 
 import (
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
 	"net/http"
 	"testing"
 
@@ -157,6 +160,10 @@ func TestRegistry_AddClient_UpdatesClientPKChecksum(t *testing.T) {
 		t.Fatal(err)
 	}
 
+	pkBytes := x509.MarshalPKCS1PrivateKey(pk)
+	pkChecksum := sha256.Sum256(pkBytes)
+	pkChecksumString := base64.StdEncoding.EncodeToString(pkChecksum[:])
+
 	// Register a new client
 	r.AddClient(http.DefaultClient, "abc", cmacme.ACMEIssuer{}, pk, "cert-manager-test")
 	l := r.ListClients()
@@ -164,12 +171,12 @@ func TestRegistry_AddClient_UpdatesClientPKChecksum(t *testing.T) {
 		t.Errorf("expected ListClients to have 1 item but it has %d", len(l))
 	}
 
-	isCached := r.IsKeyCheckSumCached("abc", pk)
+	isCached := r.IsKeyCheckSumCached(pkChecksumString, pk)
 	if isCached == false {
 		t.Fatal("checksum failed for same key")
 	}
 
-	isCached = r.IsKeyCheckSumCached("abc", pk2)
+	isCached = r.IsKeyCheckSumCached(pkChecksumString, pk2)
 	if isCached == true {
 		t.Fatal("checksum reported same for different keys")
 	}