Re: [Openca-Users] OpenCA Common Name characters - General information

Thu, 18 Mar 2004 23:36:12 -0800

Chris Covell wrote:

1) Fully acceptable characters are a..z, A..Z, 0..9, "space" ' $ & % ( ) * ! @ . :

2) comma (,) and semi-colon (;) cause the MS Enhanced CSP to fail generating a CSP (although they are accepted by the OpenCA character verification when filling in the form). Note comma (,) is accepted by Netscape.

3) hash (#) causes an error in OpenCA the CSP is generated but not correctly handled by OpenCA (during gen_csr) which hangs during the request submission. We have checked the apache and ssl logs which show nothing.

4) UK pound (�) is accepted but encoded. With IE the encoding is \C3\82\C2\A3 and Netscape the encoding is \C2\A3. In both cases certificates that have a CN containing a � character fail to write to OpenLDAP.

Obviously there is a problem with the # character which I think constitutes a code defect.

Which gen_csr do you mean? Should this be a showstopper for 0.9.2-0? After IE works now I see no real showstopper - until I read your mail.

I just wanted to let you know that we have seen these problems. I can't see any reference to updates in the 0.9.2 series, so they may well be that this series has the same issues.

Can you add it to the documentation please? There are three possible locations:

user/csr.xml
user/clients.xml
user/publicInterface.xml (not prefered)

Michael
--
-------------------------------------------------------------------
Michael Bell                   Email: [EMAIL PROTECTED]
ZE Computer- und Medienservice            Tel.: +49 (0)30-2093 2482
(Computing Centre)                        Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin                   Email (private): [EMAIL PROTECTED]
Germany                                       http://www.openca.org



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to