LDAP伺服器中放屬性證書問題！希望各位幫忙看一下，謝謝！

←手機掃碼閱讀火星人 @ 2014-03-04 , reply:0

LDAP伺服器中放屬性證書問題！希望各位幫忙看一下，謝謝！

最近做個證書管理工具，想把生成的屬性證書發布到OpenLDAP（windows下），為此需要在Schema模式文件中增加如下模式定義：
# X.509 attributeCertificateAttribute--EQUALITY certificateExactMatch
# Must be transferred using ;binary
attributetype (2.5.4.58
      NAME 'attributeCertificateAttribute'
      DESC 'A binary attribute certificate, use ;binary'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

#The X.509 standard defines 'pmiUser' as shown below:
objectclass (2.5.6.24
      NAME 'pmiUser'
      SUP top AUXILIARY
      DESC 'A pmi entity that can contain X509 ACs'
      MAY (attributeCertificateAttribute))
可是在放證書時，仍然一直報錯如下（註：在cn=Du Jiepeng,ou=ResearchCenter中已經添加pmiUser）：
Embedded: javax.naming.directory.InvalidAttributeValueException: ; remaining name 'cn=Du Jiepeng,ou=Research Center'
      at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
      at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
      at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(Unknown Source)
      at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(Unknown Source)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(Unknown Source)
      at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(Unknown Source)
      at javax.naming.directory.InitialDirContext.modifyAttributes(Unknown Source)
      at issrg.acm.extensions.LDAPSavingUtility.save(LDAPSavingUtility.java:313)
      at issrg.acm.extensions.MultiChoiceSavingUtility.save(MultiChoiceSavingUtility.java:129)
      at issrg.acm.DefaultSavingUtility.save(DefaultSavingUtility.java:182)
      at issrg.acm.KernelFrame.jCreateACButton_actionPerformed(KernelFrame.java:672)
      at issrg.acm.KernelFrame$9.actionPerformed(KernelFrame.java:595)
      at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
      at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
      at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
      at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
      at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
      at java.awt.Component.processMouseEvent(Unknown Source)
      at javax.swing.JComponent.processMouseEvent(Unknown Source)
      at java.awt.Component.processEvent(Unknown Source)
      at java.awt.Container.processEvent(Unknown Source)
      at java.awt.Component.dispatchEventImpl(Unknown Source)
      at java.awt.Container.dispatchEventImpl(Unknown Source)
      at java.awt.Component.dispatchEvent(Unknown Source)
      at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
      at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
      at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
      at java.awt.Container.dispatchEventImpl(Unknown Source)
      at java.awt.Window.dispatchEventImpl(Unknown Source)
      at java.awt.Component.dispatchEvent(Unknown Source)
      at java.awt.EventQueue.dispatchEvent(Unknown Source)
      at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
      at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
      at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
      at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
      at java.awt.EventDispatchThread.pumpEvents(Unknown Source)

[ 本帖最後由 layman919 於 2008-8-18 15:21 編輯 ]

《解決方案》

234

[ 本帖最後由 forxy 於 2008-8-21 12:57 編輯 ]

《解決方案》

原帖由 forxy 於 2008-8-18 18:17 發表 http://bbs.chinaunix.net/images/common/back.gif
屬性證書不同於數字證書，DER編解碼不一樣。
如果你的Openldap較老，它採用openssl的i2d_X509解碼證書來驗證是否是數字證書，當然就驗不過了，就報錯。

如果你的openldap較新，它自己解碼數字證書（也解不過 ...

學習中

Tags:

[火星人 ] LDAP伺服器中放屬性證書問題！希望各位幫忙看一下，謝謝！已經有533次圍觀

本文地址：http://coctec.com/docs/service/show-post-28131.html

LDAP伺服器中放屬性證書問題！希望各位幫忙看一下，謝謝！

LDAP伺服器中放屬性證書問題！希望各位幫忙看一下，謝謝！

熱門文章

最新文章