Hi Michal,
glad to hear its working - to be sure please check the certificate with
asn1parse - just to avoid its a "lookalike" ;)
Oliver
Am 30.03.21 um 10:01 schrieb Michal Moravec:
> Hello Oliver,
>
>> I am not sure if the parser extracts this correct from the CSR, so
>> please have a look to the workflow context if the elements are
>> correct there. If this is the case it SHOULD work if you escape the
>> comma with a backslash using the template toolkits replace method. (
>> something like [% O.0.replace(',','\') %] -
>> see http://www.template-toolkit.org/docs/manual/VMethods.html#method_replace
> Thank you! :-)
>
>> O=[% O.0.replace(',','\,') %]
> Escaping with backslash using the replace method works.
>
> Log says:
>> Rendering subject: CN=User Name Testing19,OU=SomeGroup,O=Company\,
>> s.r.o.
>
> OpenSSL -text output (issued certificate):
> O=Company, s.r.o., OU=SomeGroup, CN=User Name Testing19
>
> Michal Moravec
>
>> On 30. 3. 2021, at 8:21, Oliver Welter <m...@oliwel.de
>> <mailto:m...@oliwel.de>> wrote:
>>
>> Hi Michal,
>>
>> I am not sure if the parser extracts this correct from the CSR, so
>> please have a look to the workflow context if the elements are
>> correct there. If this is the case it SHOULD work if you escape the
>> comma with a backslash using the template toolkits replace method. (
>> something like [% O.0.replace(',','\') %] - see
>> http://www.template-toolkit.org/docs/manual/VMethods.html#method_replace
>>
>> Oliver
>>
>> Am 29.03.21 um 11:12 schrieb Michal Moravec:
>>> Hello,
>>>
>>> I am setting up SCEP enroll workflow. I have problem rendering
>>> subject when there are comma and space characters in the DN.
>>>
>>> CSR:
>>>> SET {
>>>> SEQUENCE {
>>>> OBJECT IDENTIFIER organizationName (2 5 4 10)
>>>> UTF8String 'Company, s.r.o.'
>>>> }
>>>> }
>>>
>>> Profile -> Enroll -> Subject -> DN configuration
>>>> enroll:
>>>> subject:
>>>> dn: CN=[% CN.0 %],OU=[% OU.0 %],O=[% O.0 %]
>>>
>>> Rendered subject:
>>>> CN=User Name Testing,OU=Somegroup,O=Company,s.r.o.=s.r.o.
>>> This is not a desired result. I want the "O=Company, s.r.o"
>>> I guess I need to do some kind of "escaping" somewhere.
>>>
>>> Any ideas what should I do to fix this?
>>>
>>> S přátelským pozdravem,
>>>
>>>
>>> Logicworks <https://logicworks.cz/>
>>>
>>> Michal Moravec Apple system administrator
>>>
>>> Logicworks, s.r.o. <https://logicworks.cz/>
>>> Argentinská 1621/36, Praha 7
>>> <https://www.google.cz/maps/place/Etnetera+Logicworks,+s.r.o./@50.1078991,14.4517256,17z/data=!3m1!4b1!4m5!3m4!1s0x470b94b2b61cb52d:0x6c88178df7f3ff49!8m2!3d50.1078957!4d14.4539143>
>>>
>>> www.logicworks.cz <https://logicworks.cz/>| 778745013 <tel:778745013>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> OpenXPKI-users mailing list
>>> OpenXPKI-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>>
>>
>> --
>> Protect your environment - close windows and adopt a penguin!
>> _______________________________________________
>> OpenXPKI-users mailing list
>> OpenXPKI-users@lists.sourceforge.net
>> <mailto:OpenXPKI-users@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/openxpki-users
>
>
>
> _______________________________________________
> OpenXPKI-users mailing list
> OpenXPKI-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openxpki-users
--
Protect your environment - close windows and adopt a penguin!
_______________________________________________
OpenXPKI-users mailing list
OpenXPKI-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openxpki-users
