Michael, the ca works OK, but I still have problems with LDAP.
I had already added the objectclass like this:
objectclass ( 1.2.840.113533.7.67.7 NAME 'rfc822MailUser'
SUP top AUXILIARY
MAY ( rfcMailBox ) )
Then I tried
objectclass ( 1.2.840.113533.7.67.7 NAME 'rfc822MailUser'
SUP top AUXILIARY
MAY ( rfcMailBox $ mail ) )
These attributes are identical.
and
objectclass ( 1.2.840.113533.7.67.7 NAME 'rfc822MailUser'
SUP top AUXILIARY
MAY ( mail ) )
But I received always the same error: error 64: LDAP-add failed: naming attribute 'email' is not present in entry
Ok, I will fix it. Which directory server do you use?
This problem started after I changed DN_WITHOUT_EMAIL to "N". With "Y", I have no problem with LDAP, but I need the certificates with email in DN. Is there any problem in the script that adds the entries to LDAP?
No, the problem is that the DN includes a PKCS#9 email address but we only add an RFC822 mailbox to directory entry (the problem is our schema definition and usage). Your server is really restrictive but correct.
Max, could you get a private OID space for OpenCA to create our own attributes and more important our own object classes (http://www.iana.org/cgi-bin/enterprise.pl)? I must break the compatibility to entrust and so we need our own OID space. You are the official representative of OpenCA so could you fill in the form? I can do it too if you think it's better (so the spam goes to me :) ).
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
