[jira] [Commented] (DIRSERVER-1198) Requests of usercertificate;binary are not supported

Sat, 15 Aug 2015 02:30:07 -0700 

    [ 
https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14698197#comment-14698197
 ] 

Dominik Heine commented on DIRSERVER-1198:
------------------------------------------

Thanks for the quick reply. There is definitely something odd. It might 
actually be that the problem is a combination of ApacheDS and Apache Directory 
Studio.

If I use Apache Directory Studio to add the Attribute "userCertificate;binary" 
to ApacheDS it converts it immediately after adding a value to the attribute 
(only after adding/editing value) to just "userCertificate" and the ";binary" 
disappears. If I then run a query for "userCertificate;binary" the result is 
empty.

But if I use the Apache Directory Studio to do the same with an OpenLDAP server 
the "userCertificate;binary" stays and also the query for it works.

But then if I take your test and modify it to an LDIF file (with my test-DN):
dn: cn=Kate Bush,o=test
objectclass: top
objectclass: person
objectclass: inetOrgPerson
userCertificate;binary:: PEhlbGxvIHdvcmxkICE+
sn: Bush
cn: Kate Bush

and Import this with Apache Directory Studio then the userCertificate;binary 
stays but only until I edit the value, then it also disappears again.
The modify looks like this (making it <Hello world2 !>):
dn: cn=Kate Bush,o=test
changetype: modify
replace: userCertificate;binary
userCertificate;binary:: PEhlbGxvIHdvcmxkMiAhPg==

This is strange because I am using the same editor (Apache Directory Studio) 
with OpenLDAP and with OpenLDAP I don't have that issue.

You moved this issue to Studio once before but it was moved back, I think you 
were on the right track. I guess it needs to be looked at again from both 
perspectives.

> Requests of usercertificate;binary are not supported
> ----------------------------------------------------
>
>                 Key: DIRSERVER-1198
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1198
>             Project: Directory ApacheDS
>          Issue Type: Bug
>            Reporter: Chris Trobridge
>            Assignee: Emmanuel Lecharny
>             Fix For: 2.0.0-M1
>
>
> ApacheDS only supports the retrieval of certificates without the ;binary 
> transfer suffix.
> RFC4523 states certificates must be transferred using the ;binary transfer 
> option.
> In practice we have clients in the field that are making requests both with 
> and without the option so we'd need support for both methods to be able to 
> consider deploying ApacheDS.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to