the problem was setting serial_num via inputs. It works now well with

2015-10-31 18:05 GMT+01:00 Marcin Mierzejewski <>:
I got method which creates renewal request for given certificate
private CertEnrollmentRequest createUserEncryptionArchivedCertRenewalEnrollment(int oldCertificateId) {

CertEnrollmentRequest data = new CertEnrollmentRequest();

ProfileInput certReq = data.createInput("Serial Number of Certificate to Renew");
certReq.addAttribute(new ProfileAttribute("serial_num", Integer.toString(oldCertificateId), null));

return data;
but after enroll this request I get request for renewal of PKI Administrator for localdomain. If I choose not to loging in as PKI Admin, there is a error telling me that I don't have any certificates to renewal or certificate is corupted.That's weird becouse it works via dogtag enduser entity, even without loggin in.