Hello Oliver, --- Oliver Welter <[EMAIL PROTECTED]> escribió:
> Hi Johnny, > > > or even bigger? in some cases I will have a DN > like: > > > > "CN" "OU" "O" "L" "ST "C" > > > > so in this case the base should be 5?? > > If you have these - you MUST set your BaseDN to the > biggest common whcih > might be only the "C"... I don't know if I didn't understand you :-$, My requests enter through pkcs#10 option, so in that section of pub.conf I have this: ##================== [ PKCS #10 Request DN Policy Section ] ==================== ## ## You may subtitute the value of any Attribute with "ANY" to make it accept any value ## but it will still check for the existance of the attribute ## DN_TYPE_PKCS10_REQUIRED_ELEMENTS "CN" "OU" "O" "C" DN_TYPE_PKCS10_BASE "C" ## YES, EXIST, NO DN_TYPE_PKCS10_ENFORCE_BASE "EXIST" DN_TYPE_PKCS10_BASE_1 "CO" ADDITIONAL_REQUEST_ATTRIBUTES "requestercn" "email" "department" "telephone" ADDITIONAL_ATTRIBUTES_DISPLAY_VALUE "Name (first and Last name)" "Email" "Department" "Telephone" ADDITIONAL_REQUEST_ATTRIBUTES_STRING_TYPE "LATIN1_LETTERS" "EMAIL" "LATIN1_LETTERS" "LATIN1_LETTERS" is this the starting point of the problem I'm facing? I mean is this what makes that my certificates instead of having an order like: serialNumber=4,1.3.6.1.4.1.4710.1.3.2=#0C0B0C09383030373839373839,1.3.6.1.4.1.4710.1.3.1=#0C0A0C083739393837393837,2.5.4.9=#0C120C106372612032302063616C6C6520313539,C=CO,O=Ubiquando,OU=Internet,CN=LDAP Nat have this one?: serialNumber=4,1.3.6.1.4.1.4710.1.3.2=#0C0B0C09383030373839373839,1.3.6.1.4.1.4710.1.3.1=#0C0A0C083739393837393837,2.5.4.9=#0C120C106372612032302063616C6C6520313539,CN=LDAP Nat,OU=Internet,O=Ubiquando,C=CO > > I cant help you with the rdn's . ok, no problem, I will continue my tests :-) Thanks a lot Oliver, Johnny > > Oliver > -- > Diese Nachricht wurde digital unterschrieben > oliwel's public key: http://www.oliwel.de/oliwel.crt > Basiszertifikat: http://www.ldv.ei.tum.de/page72 > ______________________________________________ Renovamos el Correo Yahoo! Nuevos servicios, más seguridad http://correo.yahoo.es ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
