I'd like to issue certificates to users uniquelly identified by serialNumber in DN.
Openca (as I tested) puts serial of the issued certificate into the serialNumber attribute.
Problem is, when I use openca way to have unique DNs for users and reissue a cert for any user,
new identity of the existing user will occur in my LDAP tree.
This is not possible for me, so I'd like to fill this attribute with an employe number
which is unique and could represent identity.
No real problem, you can simply deactivating the addition of the serial in the configration.
Second problem is, openca constructs DN this way:
serialNumber=anyvalue,cn=John Doe, ou=certreq group,basedn
Is there any possibility to have DN of following syntax?
serialNumber=anyvalue+cn=John Doe, ou=certreq group,basedn
If I understand, RFC2253 allow this syntax, but not openca.
This is correct RFC2253 support such DNs. OpenCA 0.9.x should support these DNs too (at minimum 0.9.2 aka CVS HEAD will do it). The major problem is our LDAP support. I will start testing it but this takes two or three days.
Greetings Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
