Hi, it's a little bit difficult to understand what's going wrong.
Mauricio Rojas (ISC) wrote:
Because, my ldap server can not work with the serialNumber in the DN user certificate.
This is normally a problem with your schemas. Which ldap-server do you use?
But, I have problem to update the RCL. because, the ldap modify operation use CA DN with emailAddress append to the real CA DN.
1. What is a RCL? Is it only a typo and you mean CRL? 2. Sorry, but the the real CA DN includes the emailAddress in your case.
This append when the ldap-utils.lib function get the ISSUER value and storage this in the var $dn
This means the DN of you CA-cert includes the emailaddress.
Simply don't enter the emailaddress during the requestgeneration. If you you need the emailaddress in the subject alternative then you can enter it in OPENCADIR/etc/openssl/openssl.cnf.How can I set the CA configuration to make the CA Certificate without emailAddress in its DN???
Best regards
Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
