#932 unable to use i18n characters for Subject Alternate Name Extension
Closed: migrated 3 years ago by dmoluguw. Opened 10 years ago by mrniranjan.

Unable to use i18n characters set for Email which gets added in the Certificates SAN extension , when the request is generated using PKCS10Client or through EE Page:

Example:

[root@dhcp207-176 certs_db]# PKCS10Client -p redhat123 -d . -a rsa -l 2048 -o test1.b64 -n "UID=kakskümmend üks,E=kakskümmend@example.org,CN=kakskümmend üks,OU=Engineering,O=Example.Inc,C=US"
PKCS10Client: Debug: got token.
PKCS10Client: Debug: thread token set.
PKCS10Client: token Internal Key Storage Token logged in...
PKCS10Client: key pair generated.
PKCS10Client: Exception caught: java.lang.IllegalArgumentException: Invalid IA5String AVA Value string

EE Page:

  1. Select EE page: https://pkiserver1.example.org:8443/ca/ee/ca/
  2. Select Profile: Manual User Dual-Use Certificate Enrollment
  3. Specify Below details:

    • uid: kakskümmend üks
    • Email: kakskümmend@example.org
    • CN: kakskümmend üks
  4. Submit the request:

Actual Output:

Sorry, your request is not submitted. The reason is "Invalid Subject Name UID=kakskümmend üks,E=kakskümmend@example.org,CN=kakskümmend üks".

Per CS/DS meeting of 03/31/2014 - I was unable to find any existing BZ. Non-ascii e-mail addresses are still very uncommon, so this is a real corner case. It also is not normal to use SAN for anything other than multiple hostnames for server certs - FUTURE.

NOTE: This may be related to PKI TRAC Ticket #860 - user-add --email with i18n characters throws LDAP error

Metadata Update from @mrniranjan:
- Issue set to the milestone: UNTRIAGED

7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1498

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata Update from @dmoluguw:
- Issue close_status updated to: migrated
- Issue status updated to: Closed (was: Open)

3 years ago

Login to comment on this ticket.

Metadata