[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Multiple values for userCertificate attribute

To: "Riccardo Alessandrini" <alessanr@eng.it>
Subject: Re: Multiple values for userCertificate attribute
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 02 Nov 2005 08:56:47 -0800
Cc: <OpenLDAP-software@OpenLDAP.org>
In-reply-to: <EAEKIAODIJKAMBNFCNCJAEHBCFAA.alessanr@eng.it>
References: <EAEKIAODIJKAMBNFCNCJAEHBCFAA.alessanr@eng.it>

At 01:41 AM 11/2/2005, Riccardo Alessandrini wrote:
>I've imported in the slapd.conf file the following schemas:
>core.schema
>cosine.schema
>inetorgperson.schema
>
>I can insert in the LDAP only one digital certificate for a user.
>I can't insert more than one certificate in one entry, and when I try the
>error
>is the following:
>"no equality matching rule"
>
>Any ideas, please?

If the attribute has no equality matching rule, such
as userCertificate as defined in RFC 2256, then one
cannot individually add/delete values from the
attribute.  One can create the attribute with
multiple values, replace all values with
a new set of multiple values, or delete the
attribute.

As modern versions of slapd(8), e.g. 2.3.11,
implement userCertificate as defined in
draft-zeilenga-ldap-x509-xx.txt, which
specifies an equality matching rule for this
attribute type, I suspect you are running
an older version of slapd(8).  If so, you
should consider updating.

Kurt

References:
- Multiple values for userCertificate attribute
  - From: "Riccardo Alessandrini" <alessanr@eng.it>

Prev by Date: Re: International searches
Next by Date: Rép. : Probleme with my certificat
Index(es):
- Chronological
- Thread