Hello all.
I've got OpenCA 0.9.2.2 up and running.
I'm using the distinguished name style of DC="company", DC="com" My users are in an ldap database with the dn of uid="username", OU=People, DC="company", DC="com"
For SPKAC certificate signing requests, the CN, the UID and the OU are presented to the user. The user then generates the CSR no problem. The certificate gets generated with the following DN style. CN="Common Name", UID="username", OU="People", DC="infomatrix", DC="com" I can then "Publish to LDAP with modified DN". Presto.
For IE requests the same does not happen. The certificate fails to get generated unless I remove the UID element. Even if I then modify the CSR from the registration authority interface and then issue it, the resultant certificate does not get a uid="username" element to the dn. Therefore I cannot publish it properly.
Why is this happening? Can the IE crypto service providers not handle the UID element at all? Is there a better way to get the certificates published under the uid="username" node?
Many thanks.
Ben Tullis
========================================= Ben Tullis
begin:vcard fn:Ben Tullis n:Tullis;Ben org:Infomatrix Ltd. adr:High Street;;The Old School;Fen Drayton;Cambs;CB4 5SJ;United Kingdom email;internet:[EMAIL PROTECTED] title:IT Manager tel;work:+44 1954 232010 tel;fax:+44 1954 230031 url:http://infomatrix.com version:2.1 end:vcard
