In the immortal words of Roman Baumer:
> [Fri Oct 29 15:42:50 2004] [error] decode error 7b<=>30 at
> /usr/local/home/dsamgr/mdstools/lib/site_perl/5.6.1/Convert/ASN1/_decode.pm
> line 110, <DATA> line 283
>
> This only happens when I try to fetch a userCertificate. And this is a
> little bit special, because in out LDAP server schema the attribute
> userCertificate is defined as string, rather then binary. (Hack to
> support an old version of Entrust ;-( )
>
> Bye the way, although this attribute setup is unusual, I have no
> problems with other clients. It then looks like: "{ASN}308206C7..."
Interesting/suspicious that the problem value 7b happens to be the
ASCII code for the opening brace "{"... perhaps it is getting
"double-decoded" for some reason.
Actually, this format is nice (our X.500 directory also generates
those strings, but we don't use perl-ldap to get at them); converting
to PEM is simply:
use MIME::Base64;
if ($user_cert =~ s/^{ASN}// && $user_cert =~ /^[0-9a-fA-F]*$/) {
$user_cert = "-----BEGIN CERTIFICATE-----\n" .
encode_base64(pack("H*", $user_cert)) .
"-----END CERTIFICATE-----\n";
}
%% Christopher A. Bongaarts %% [EMAIL PROTECTED] %%
%% Internet Services %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
