[Date Prev][Date Next]
(ITS#5072) Possibly incorrect certificateExactAssertion()
Full_Name: Pierangelo Masarati
Submission from: (NULL) (126.96.36.199)
Submitted by: ando
A certificate in certificateExactAssertion GSER form should be something like
(wrapped for readability)
issuer rdnSequence:email@example.com,cn=example ca,o=example,st=xx,c=us
according to RFC4523 & RFC3687, as far as I understand it. However, OpenLDAP
HEAD uses the form
issuer "firstname.lastname@example.org,cn=example ca,o=example,st=xx,c=us"
Note the quotes around the DN and the missing "rdnSequence:" prefix.