AdminUI :: Certificate : Attribute Format

Document ID : KB000017475
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue :

When I insert a new Certificate in the Certificate Store using the AdminUI, the operation fails with error :

16:53:56,349 ERROR [FedPkiKeyStore] **ERROR**
java.security.cert.CertificateException commiting keystore
change for alias infdsdbf01.

Caused by: com.rsa.certj.cert.NameException: PrintableString expected.How can I fix this ?

Environment :

AdminUI 12.52SP1

Cause :

The certificates fields format should respect the standards. In that use case, one of the certificate fields has different format as the one expected.

Restrictions of the RFC 5280 :

-- Naming attributes of type X520SerialNumber

id-at-serialNumber AttributeType ::= { id-at 5 }
X520SerialNumber ::= PrintableString (SIZE (1..ub-serial-number))

(http://www.ietf.org/rfc/rfc5280.txt)

 

Solution:

You have to set the serialNumber as PrintableString and not UTF8String to solve the issue.