Hi,I assume you have some non-latin chars in the data? Can you try with 1.19 - it looks like this is problem with the utf8 chars in the old serialization, this should be fixed in 1.19.
Oliver Am 16.11.2017 um 14:52 schrieb Станислав Захаров:
Good Day! Thanks for help. but I have no success ;(1) I'm still using version 1.18, since there's no distribution for 1.19 for Ubuntu 14.04 ;(Will it appear?2) I stopped on first step: I don't understand how to preset username field to logged in username? I try to add line "preset: "[% creator %]"" into "config.d/realm/ca-NPK/profile/template/username.yaml", but have clear field.I tried different options (context.creator, etc.), but nothing has changed.When I try set it via OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash, i get "I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED".My certificate_signing_request_v2.yaml: ---- ... ENTER_SUBJECT: label: I18N_OPENXPKI_UI_WORKFLOW_STATE_CSR_ENTER_SUBJECT_LABEL description: I18N_OPENXPKI_UI_WORKFLOW_STATE_CSR_ENTER_SUBJECT_DESC action: # - edit_subject > ENTER_SAN - npk_fill_subject edit_subject > ENTER_SAN ... action: ... npk_fill_subject: class: OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash param: target_key: cert_subj_parts _map_username: "[% creator %]" # username: "stace" ---- log: ---2017/11/16 20:05:06 openxpki.application.INFO Execute action csr_npk_fill_subject on workflow #3460863 [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863] 2017/11/16 20:05:06 openxpki.application.INFO Execute action csr_edit_subject on workflow #3460863 [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863] 2017/11/16 20:05:06 openxpki.system.ERROR I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __MSG__ => ; __SEPARATOR__ => ; __CALLER__ => ARRAY(0x8792880) [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863] 2017/11/16 20:05:06 Workflow.ERROR Caught exception from action: I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __SEPARATOR__ => ; __CALLER__ => ARRAY(0x8792880); __MSG__ => ; reset workflow to old state 'ENTER_SUBJECT_CSR_NPK_FILL_SUBJECT_0' [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863] 2017/11/16 20:05:06 openxpki.system.ERROR I18N_OPENXPKI_SERVER_WORKFLOW_ERROR_ON_EXECUTE; __ERROR__ => I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __MSG__ => ; __CALLER__ => ARRAY(0x8792880); __SEPARATOR__ => ; __ACTION__ => csr_edit_subject; __EXCEPTION__ => OpenXPKI::Exception [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863] 2017/11/16 20:05:06 openxpki.workflow.ERROR Error executing workflow activity 'csr_npk_fill_subject' on workflow id 3460863 (type certificate_signing_request_v2): I18N_OPENXPKI_SERVER_WORKFLOW_ERROR_ON_EXECUTE; __EXCEPTION__ => OpenXPKI::Exception; __ACTION__ => csr_edit_subject; __ERROR__ => I18N_OPENXPKI_SERIALIZATION_SIMPLE_READ_DATA_TYPE_NOT_SUPPORTED; __SEPARATOR__ => ; __CALLER__ => ARRAY(0x8792880); __MSG__ => [pid=5156|sid=htLD|wftype=certificate_signing_request_v2|wfid=3460863]---3) I try to use LDAP::Single instead of Simple, but have error: "I18N_OPENXPKI_SERVER_WORKFLOW_ACTIVITY_TOOLS_CONNECTOR_GET_VALUE_NO_PATH" If I change "_map_config_key" to "config_key" this error if fixed, but I get "Can't use an undefined value as a HASH reference at /usr/share/perl5/Connector/Proxy/Net/LDAP/Single.pm line 77", probably because the query does not return data ;(my current notify_expiry.yaml: --- ... load_userdata:class: OpenXPKI::Server::Workflow::Activity::Tools::Connector::GetValueparam: config_prefix: metadata.user_name_map_config_key: "[% USE Certificate %][% Certificate.attr( context.cert_identifier, 'meta_requestor').0 %]"target_key: user_name load_userdata_new:class: OpenXPKI::Server::Workflow::Activity::Tools::Connector::GetValueparam: mode: map config_prefix: metadata.*user_ldap* # _map_config_key: "[% context.cert_subject_parts.email %]"# _map_config_key: "[% USE Certificate %][% Certificate.attr( context.cert_identifier, 'meta_requestor').0 %]"_map_config_key: "[% context.cert_identifier.meta_requestor %]" # config_key: "[% context.cert_subject_parts.email %]" attrmap: user_email -> mail, user_name -> displayName ... --- my metadata.yaml: --- ... connectors: .... user_name: class: Connector::Proxy::Net::LDAP::Simple LOCATION: ldap://localhost:389 base: ou=people,dc=int,dc=npk,dc=ru filter: (uid=[% ARGS.0 %]) attrs: displayName user_mail: class: Connector::Proxy::Net::LDAP::Simple LOCATION: ldap://localhost:389 base: ou=people,dc=int,dc=npk,dc=ru filter: (uid=[% ARGS.0 %]) attrs: mail *user_ldap*: class: Connector::Proxy::Net::LDAP::*Single* LOCATION: ldap://localhost:389 base: ou=people,dc=int,dc=npk,dc=ru filter: (uid=[% ARGS.0 %]) attrs: mail, displayName # attrs: mail, cn ... --- 03.11.2017 13:31, Oliver Welter пишет:Hi,for the encoding issue, please try the new 1.19 release. We changed the serialization format which will hopefully catch those issues.You have two options to map the LDAP data into the profile. If you want to keep the input forms, prefill the "cert_subj_parts" hash using the class OpenXPKI::Server::Workflow::Activity::Tools::SetContextHash If you dont need the profile forms, you can replace the "render_subject" activity with a hardcoded action to set the "cert_subject" context value to the expected string (using Tools::SetContext).Oliver
-- Protect your environment - close windows and adopt a penguin!
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
