[Pki-users] Dogtag - subjectAltName not correctly substituted: $request.requestor_email$
Harshana Porawagama
harshana at techcert.lk
Tue Sep 21 04:10:11 UTC 2010
Hi,
This happens because of the policy number 8 of the RA-Agent
authenticated Agent User Certificate Enrollment profile (caRAagentCert).
You can completely remove this policy as a workaround. I did that on our
CA.
This is also a problem when you use a certificate in MS Office Outlook
2007. There if you receive a signed email from a user it displays
"Signed by" as "$request.requestor_email$" where it suppose to be the
senders email.
Regards,
Harshana
On 09/21/2010 02:58 AM, Frederic d'Huart wrote:
> FC12 latest update.
> pki-ca v1.3.6-1.fc12 and pki-ra v 1.3.1-1.fc12
> yum repo fetch from: http://pki.fedoraproject.org/pki/download/pki/pki.repo
>
>
> When trying to generate a user certificate using the RA end user
> interface, I have notice the subjectAltName was not substituted correctly.
>
> My user certs always display:
>
> X509v3 Subject Alternative Name:
> email:$request.requestor_email$
>
>
> The only reference found was related to RH Cert Manager on the following
> link:
>
> http://www.redhat.com/docs/manuals/cert-system/8.0/rel-notes/html/Release_Notes-Known_Issues-new.html
>
> defined as Bug N° 238039 but no workaround proposed.
>
> Does somebody knows how to fix this issue ?
>
> Thank you.
>
>
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3976 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/pki-users/attachments/20100921/e2470fb1/attachment.p7s>
More information about the Pki-users
mailing list