OK, here is how it works with mscrypto and xmlsec 1.2.18

Example 1:
<KeyName>CA, GC, PWGSC-TPSGC, "Ed Shallow"</KeyName>

Example 2 with a special character:
<KeyName>CA, GC, PWGSC-TPSGC, "Shallow, Ed"</KeyName>

In other words, do not use the sub-type qualifiers in the DN string i.e. cn=
ou= o= c=

Order is also important.

Cheers,
Ed

On Wed, Oct 19, 2011 at 7:38 PM, EdShallow <[email protected]> wrote:

> OK. Give me a day or so and I will check the source to see if anything has
> changed in the CAPI calls.
> On Oct 19, 2011 7:29 PM, "Aleksey Sanin" <[email protected]> wrote:
>
>> Not that I am aware of.
>>
>> Aleksey
>>
>> On 10/19/11 2:02 PM, EdShallow wrote:
>>
>>> . . . sorry forgot to mention, this behavior is with mscrypto
>>> Ed
>>>
>>> ---------- Forwarded message ----------
>>> From: "EdShallow" <[email protected] <mailto:[email protected]>>
>>> Date: Oct 19, 2011 3:55 PM
>>> Subject: Use of full DistinguishedName in KeyName
>>> To: "[email protected] <mailto:[email protected]>" <[email protected]
>>> <mailto:[email protected]>>
>>>
>>> Hi Aleksey,
>>>
>>>    Use of full DN in KeyName template element used to work in oldwr
>>> versions of xmlsec.
>>>
>>>     As of 1.2.18 I can only get CommonName to work.
>>>
>>> Example:
>>> This works
>>> <KeyName>Shallow Ed</KeyName>
>>>
>>> This does not:
>>> <KeyName>cn=Shallow Ed,ou=finance,o=acme,c=ca</**KeyName>
>>>
>>> I receive an "Object or property cannot be found" message.
>>>
>>> Are there any constraints for naming?
>>>
>>> Ed
>>>
>>>
>>>
>>> ______________________________**_________________
>>> xmlsec mailing list
>>> [email protected]
>>> http://www.aleksey.com/**mailman/listinfo/xmlsec<http://www.aleksey.com/mailman/listinfo/xmlsec>
>>>
>>


-- 
Ed's Contact Information:
Mobile Phone: 613-852-6410
Gmail: [email protected]
VOIP Address: [email protected]
VOIP DID#: 613-458-5004
Skype ID: edward.shallow
Home Phone: 613-482-2090
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec

Reply via email to