[Pki-users] Profiles Issue
Dinesh Prasanth Moluguwan Krishnamoorthy
dmoluguw at redhat.com
Fri Sep 11 19:30:31 UTC 2020
Hi Jose,
I may need little more information to assist you:
* What version of Dogtag PKI are you using?
* What platform are you using? Fedora, CentOS, Debian, RHEL?
* Can you attach debug logs?
* Can you share the profiles that you edited and its contents?
Regards,
--Dinesh
On Fri, Sep 11, 2020 at 7:02 AM Jose Antonio Mendoza Roa <roa at unixmexico.org>
wrote:
> Hello
>
>
> Hi everyone, I am new to this list and new to using dogtag.
> I have 3 profiles (types of certificates) which asked me to append this
> configuration Smart Card Logon (1.3.6.1.4.1.311.20.2.2) and add this
> configuration to the certificate profile
>
>
>
>
>
>
>
>
> *policyset.userCertSet.p15.constraint.class_id=noConstraintImplpolicyset.userCertSet.p15.constraint.name
> <http://policyset.userCertSet.p15.constraint.name>=No
> Constraintpolicyset.userCertSet.p15.default.class_id=extendedKeyUsageExtDefaultImplpolicyset.userCertSet.p15.default.name
> <http://policyset.userCertSet.p15.default.name>=Extended Key Usage
> Extension
> Defaultpolicyset.userCertSet.p15.default.params.exKeyUsageCritical=falsepolicyset.userCertSet.p15.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.4.1.311.20.2.2*
>
> But when I did the tests I get this error in the dogtag logs.
>
>
> "duplicate extension attempted! Name: oid=2.5.29.37 val=48 0"
>
> --
> Ce courrier électronique et les fichiers qui y sont annexés peuvent
> renfermer des
> renseignements privilégiés et confidentiels à l'intention exclusive du
> destinataire. Si
> vous n'êtes pas le destinataire, vous n'êtes pas autorisé(e) à utiliser, à
> copier ou à
> divulguer à un tiers le contenu de ce courrier électronique ni des
> fichiers joints. Si
> vous avez reçu ce courrier électronique par erreur, veuillez en aviser
> l'expéditeur
> immédiatement par courrier électronique et détruire ce message ainsi que
> les fichiers
> en annexe.
>
> This electronic mail message -- and any attachments -- may contain
> privileged/confidential information, intended only for the use of the
> addressee. If you
> are not the addressee, you may not use, copy or disclose to a third party
> the content
> of this message or its attachments. If you have received this message by
> mistake,
> please notify us immediately by e-mail and destroy this message, along
> with all
> attachments
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20200911/21b3cf31/attachment.htm>
More information about the Pki-users
mailing list