Hello,
I'm writing because of the error in the subject :) I get it when I try to add certificates to LDAP directory.
Well, the unknown attribute is "description". In my CA, it must be included in certificates' subject. This attribute should contain a list of values like this: "description=C=<value1>/N=<value2>/D=<value3>/R=<value4>". I noticed that X509.pm parses it bad, so I added these lines of code (in parseCert() function, before the first "while" loop):
####################################################
if ($ret->{DN} =~ /description/)
{
$ret->{DN} =~ s/C=(.*), N=(.*), D=(.*), R=(.*)/C=$1\/N=$2\/D=$3\/R=$4/;
}
####################################################
I needed to add these lines, otherwise the N, D and R fields are splitted from "description". (BTW, I get the same problem when I view certificates with openssl's x509 utility... but I think certificates are ok, because when I viewed the DER form with an hex editor, the "description" field was ok).
This problem should be already fixed in CVS head because of some requests from Italy (signature law) and one request and patch from Australia (globus toolkit at a university).
Now, I get that error. I tried to patch addLDAPobject in ldap-utils.lib, but actually I don't know exactly how to do it. If someone could give me a hint...
We need to know the following things:
1. should a special objectclass be used to store the DN which begins with description
2. is description be the least significant RDN (sometimes called attribute)
If you know the answers then it is possible to the code to ldap-utils very easily.
Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
