To be on the safe side, block errors from signing operations from
being returned to the client. We should revisit, and make it return
a more informative error, but with high assurance that no sensitive
information is added to the message.
// TODO(hs): ignore this error case? It's not critical if the notification fails; but logging it might be good
_=notifyErr
}
returncreateFailureResponse(ctx,csr,msg,smallscep.BadRequest,fmt.Errorf("error when signing new certificate: %w",err))
returncreateFailureResponse(ctx,csr,msg,smallscep.BadRequest,"internal server error; please see the certificate authority logs for more info",fmt.Errorf("error when signing new certificate: %w",err))