[ https://issues.apache.org/jira/browse/DIRSERVER-1198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14698197#comment-14698197 ]
Dominik Heine commented on DIRSERVER-1198: ------------------------------------------ Thanks for the quick reply. There is definitely something odd. It might actually be that the problem is a combination of ApacheDS and Apache Directory Studio. If I use Apache Directory Studio to add the Attribute "userCertificate;binary" to ApacheDS it converts it immediately after adding a value to the attribute (only after adding/editing value) to just "userCertificate" and the ";binary" disappears. If I then run a query for "userCertificate;binary" the result is empty. But if I use the Apache Directory Studio to do the same with an OpenLDAP server the "userCertificate;binary" stays and also the query for it works. But then if I take your test and modify it to an LDIF file (with my test-DN): dn: cn=Kate Bush,o=test objectclass: top objectclass: person objectclass: inetOrgPerson userCertificate;binary:: PEhlbGxvIHdvcmxkICE+ sn: Bush cn: Kate Bush and Import this with Apache Directory Studio then the userCertificate;binary stays but only until I edit the value, then it also disappears again. The modify looks like this (making it <Hello world2 !>): dn: cn=Kate Bush,o=test changetype: modify replace: userCertificate;binary userCertificate;binary:: PEhlbGxvIHdvcmxkMiAhPg== This is strange because I am using the same editor (Apache Directory Studio) with OpenLDAP and with OpenLDAP I don't have that issue. You moved this issue to Studio once before but it was moved back, I think you were on the right track. I guess it needs to be looked at again from both perspectives. > Requests of usercertificate;binary are not supported > ---------------------------------------------------- > > Key: DIRSERVER-1198 > URL: https://issues.apache.org/jira/browse/DIRSERVER-1198 > Project: Directory ApacheDS > Issue Type: Bug > Reporter: Chris Trobridge > Assignee: Emmanuel Lecharny > Fix For: 2.0.0-M1 > > > ApacheDS only supports the retrieval of certificates without the ;binary > transfer suffix. > RFC4523 states certificates must be transferred using the ;binary transfer > option. > In practice we have clients in the field that are making requests both with > and without the option so we'd need support for both methods to be able to > consider deploying ApacheDS. -- This message was sent by Atlassian JIRA (v6.3.4#6332)