DogTAG PKI - crlDistributionPoints cert profile: Type_0 : URIName error
by Frederic d'Huart
Hello Pki users,
Section B.1.4. of the RH admin guide refers to the following acceptable
values
for crlDistributionPoint Type:
DirectoryName
URIName
RelativeToIssuer
Using PKIConsole, I have added to the caUserCert profile a policy for
include a CDP as follow:
policyset.userCertSet.13.default.name=CRL Distribution Points Extension
Default
policyset.userCertSet.13.default.params.crlDistPointsCritical=false
policyset.userCertSet.13.default.params.crlDistPointsEnable_0=true
policyset.userCertSet.13.default.params.crlDistPointsPointType_0=URIName
policyset.userCertSet.13.default.params.crlDistPointsPointName_0=http://xxx.xxx.xxx/crl/xxx.crl
policyset.userCertSet.13.default.params.crlDistPointsReasons_0=
after profile re-activated, and new request generated, I get the
following error on the agent interface:
The Certificate System has encountered an unrecoverable error.
Error Message:
/java.lang.ClassCastException: netscape.security.x509.Extension cannot
be cast to netscape.security.x509.CRLDistributionPointsExtension/
Please contact your local administrator for assistance.
Any Ideas what could be wrong ?
Thank you.
13 years, 10 months
- 4
- 8
Migration the Redhat Certificate system to Dogtag certificate system
by Harshana Porawagama
Hi,
Does anybody have tried migrating a Redhat certificate system (7.3) to
Dogtag certificate system?
--
Best Regards,
Harshana
14 years
- 1
- 0
- ← Newer
- 1
- Older →