Root CA is not added to CertificateRequest status although configured

[hoffimar]

I am not able to get the root CA of the certificate chain in the status of the CertificateRequest CR. The length of the root CA is 0 here.
I tested this with order types ssl_securesite_flex and private_ssl_flex, and the check in

digicert-issuer/pkg/provisioners/x509.go

Line 78 in 929058f

return cert.CheckSignatureFrom(cert) == nil

returned an https://pkg.go.dev/crypto/x509#InsecureAlgorithmError for the root CA (DigiCert G1).
My proposal would be to use a different check: bytes.Equal(crt.RawIssuer, crt.RawSubject).

[kayrus]

@hoffimar thanks for reporting this. There were some known issues on the DigiCert side a few weeks ago that should have since been resolved. Are you still experiencing this?