Thanks a lot Alfonso, I have another question. Is LDAP case sensitive? I'd like to know if I can use "O=CERTICAMARA,C=CO" as well as "o=Certicamara,c=CO"
Thanks, Johnny --- Alfonso Sparano <[EMAIL PROTECTED]> escribi�: > 1) The slash (\) is for long line: > > dn: serialNumber=9,OU=Internet,CN=Maria > DeliaGonzalez > Lizarazo,C=CO,L=Bogota\ > > ,ST=calle 65 7-15,O=CERTICAMARA > > You can see the slash, the carriage return and a > space character. After the > space there is the rest of your string. > > > > The complete distinguished name (DN) is > > serialNumber=9,OU=Internet,CN=Maria DeliaGonzalez > Lizarazo,C=CO,L=Bogota,ST=calle 65 > 7-15,O=CERTICAMARA > > > > 2) The order is really important for LDAP. Ldap is a > tree database and so > you have a root (perhaps O=CERTICAMARA,C=CO) and a > sub-tree OU=Internet. > Inside this sub-tree there are all the user > certificate and so your java > application must access to: > > > > serialNumber=9,CN=Maria DeliaGonzalez > Lizarazo,C=CO,L=Bogota,ST=calle 65 > 7-15, OU=Internet , O=CERTICAMARA,C=CO. > > > > That�s all folk, > > > > Regards Alfonso > > > > > > > > > > -----Messaggio originale----- > Da: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Per conto di Johnny > Gonzalez > Inviato: venerd� 26 novembre 2004 16.49 > A: Openca Users list > Oggetto: [Openca-Users] Question about LDAP > certificates Update > > > > Hello Everybody. > > > > I'm generating request using my own Java app, it > sends > > the requests to my RA server and it accepts all the > > requests I'm sending. I also can sign requests and > > Issue certificates. The big problem is when I try to > > update my LDAP with the new Issued certificates, it > > shows me this error message: > > > > Certificate 4 FAILED (error -4: Distinguished name > > conflicts with basedn(s).) > > > > So I check out my CA's DN and the DN used in my > > requests (certificates), and they all have the same > > base: O=CERTICAMARA,C=CO, but the only difference I > > can see is that the DN from my requests doesn't have > > the same order, for example, this is the DN for a > > certificate I issued using OpenCA's Interface: > > > > dn: serialNumber=8,CN=Rafael > > Gonzalez,OU=Internet,O=CERTICAMARA,C=CO > > > > and this is a DN from a request made using my java > > app: > > > > dn: serialNumber=9,OU=Internet,CN=Maria > DeliaGonzalez > > Lizarazo,C=CO,L=Bogota \ ,ST=calle 65 > > 7-15,O=CERTICAMARA > > > > Is the order of the dn elements important to upload > my > > certificates to LDAP? > > I can also see a backslash (\) after my Locality > > element (L), can this be the responsible for the > error > > message. > > > > > > > > I set the debug option to true, so here are some > > fragments for the debug output. > > > > What should I do? > > Thanks a lot, > > johnny > > > > > > LDAP DEBUG OUTPUT FOR CERTIFICATES UPDATE: > > > > (DEBUG) OpenCA::LDAP->add_object: Started add_object > > ... > > (DEBUG) OpenCA::LDAP->add_object: certificate > present > > ... > > (DEBUG) OpenCA::LDAP->add_object: no CA-cert ... > > (DEBUG) OpenCA::LDAP->add_object: IS_CA ...0 > > (DEBUG) OpenCA::LDAP->add_object: role ok ... > > (DEBUG) OpenCA::LDAP->add_object: Information of the > > Object: > > (DEBUG) OpenCA::LDAP->add_object: dn > > serialNumber=8,CN=Rafael > > Gonzalez,OU=Internet,O=CERTICAMARA,C=CO > > (DEBUG) OpenCA::LDAP->add_object: cn Rafael Gonzalez > > (DEBUG) OpenCA::LDAP->add_object: serID 8 > > (DEBUG) OpenCA::LDAP->add_object: email > > [EMAIL PROTECTED] > > (DEBUG) OpenCA::LDAP->add_object: ou > ARRAY(0xa5c2708) > > (DEBUG) OpenCA::LDAP->add_object: o CERTICAMARA > > (DEBUG) OpenCA::LDAP->add_object: l > === message truncated === ______________________________________________ Renovamos el Correo Yahoo!: �100 MB GRATIS! Nuevos servicios, m�s seguridad http://correo.yahoo.es ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
