AdminUI :: Certificate : Attribute Format

book

Article ID: 17475

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Issue :

When I insert a new Certificate in the Certificate Store using the AdminUI, the operation fails with error :

16:53:56,349 ERROR [FedPkiKeyStore] **ERROR**
java.security.cert.CertificateException commiting keystore
change for alias infdsdbf01.

Caused by: com.rsa.certj.cert.NameException: PrintableString expected.How can I fix this ?

Environment :

AdminUI 12.52SP1

Cause :

The certificates fields format should respect the standards. In that use case, one of the certificate fields has different format as the one expected.

Restrictions of the RFC 5280 :

-- Naming attributes of type X520SerialNumber

id-at-serialNumber AttributeType ::= { id-at 5 }
X520SerialNumber ::= PrintableString (SIZE (1..ub-serial-number))

(http://www.ietf.org/rfc/rfc5280.txt)

 

Solution:

You have to set the serialNumber as PrintableString and not UTF8String to solve the issue.

 

Environment

Release:
Component: SMAUI