[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify error

At 02:47 PM 12/2/99 GMT, Madalina Baltatu wrote:
>Hello to everybody.
>I'm running OpenLDAP 1.2.7 on a Solaris 2.7 system. I'm using LDAP as a 
>repository for an experimental CA.
>I'm trying to add a new "userCertificate;binary" attribute to en entry which 
>has an userCertificate attribute.

OpenLDAP doesn't support attribute type options.  This is an
LDAPv3 feature.

You, however, can define "userCertificate;binary" as it's own
attribute type (of syntax 'bin').

>When the der file which contains the new 
>certificate has the same size as the der file which contains the already 
>inserted certificate, ldapmodify will return an error "ldap_modify: Type or 
>value exists", even if the two der files (i.e., the two certs) are different 
>(they only happen to have the same number of bytes).

Because you liked didn't define "userCertificate;binary" as an
attribute type of syntax 'bin', slapd did a 'cis' comparison.

>For other entries which 
>have 2 or more certificates with the der encodings of different sizes this 
>problem doesn't appear. 
>Is this a software bug?


>How can I have it fixed?


attribute	userCertificate;binary	bin

to your slapd.conf (or *.at.conf) file.

Kurt D. Zeilenga		<kurt@boolean.net>
Net Boolean Incorporated	<http://www.boolean.net/>