fix(pki): send profile default KU/EKU values on certificate submit

[saifsmailbox98]

Context

Profile default KU/EKU values appeared checked but submitted as [] because shouldUnregister overwrites setValue data on Controller mount — removed it along with the pendingDefaults workaround and fixed empty subject/SAN null overrides.

Screenshots

Steps to verify the change

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[linear]

PKI-116 Add more default value properties to certificate profile

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Summary

Fixes a bug where profile default KU/EKU values appeared checked in the UI but were submitted as empty arrays. The root cause was that shouldUnregister on Controllers caused form fields to unmount and lose their setValue data when the modal opened. This PR removes shouldUnregister entirely and eliminates the pendingDefaults workaround that tried to compensate for this issue.

Key changes:

• Removed shouldUnregister from all Controllers in CertificateIssuanceModal.tsx (CSR field, subject attributes, SANs, key algorithm, key/extended key usages, basic constraints)
• Removed the pendingDefaults state and associated setTimeout workaround in useCertificatePolicy.ts
• Fixed subject/SAN null override logic to properly send empty arrays when no values are provided but the section is shown
• Improved nesting logic for subject attribute handling to ensure null overrides are sent when user clears profile defaults

The fix ensures that when a profile has default KU/EKU values, they are properly preserved and submitted with the certificate request.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The fix correctly addresses a form state management issue by removing shouldUnregister which was causing form values to be lost. The changes are well-scoped to the certificate issuance modal and its policy hook, with no breaking API changes or security concerns. The logic improvements for null overrides are sound and match the expected API contract.
• No files require special attention

Important Files Changed

Filename	Overview
frontend/src/pages/cert-manager/CertificatesPage/components/CertificateIssuanceModal.tsx	Removed shouldUnregister from Controllers and improved subject/SAN null override logic to ensure profile defaults are properly submitted
frontend/src/pages/cert-manager/CertificatesPage/components/useCertificatePolicy.ts	Removed pendingDefaults workaround and setTimeout hack, now directly calls setValue for all defaults synchronously

_{Last reviewed commit: ca321b7}