Red Hat Bugzilla – Bug 249412
CA reports error to Auto Enrollment Proxy on certificate request attempt
Last modified: 2015-01-04 18:27:44 EST
Escalated to Bugzilla from IssueTracker
Description of problem:
The auto enrollment proxy (v1.0.0) is set up and it appears that we are connecting to August Schell's Red Hat 7.1 CA. A manual request is submitted to the CA (right-click in Personal(Local Computer) Store and select Request New Certificate) When 'Finish' is clicked, a message is presented that says: "The certificate request cannot be created. The requested property value is empty." The error log on the Microsoft console (included as log0601407.txt) indicates that a HTTP message was received back that says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it."
The Red Hat CA error log file contains the following information:
[14/Jun/2007:12:43:55] security ( 5979): get_auth_user_ssl: unable to map cert to LDAP entry. Reason: No such object, Issuer: "CN=ASE-test DOD CA-17,OU=PKI,OU=DoD,O=U.S. Government,C=US", User: "CN=ASE-test DOD CA-17 Agent,UID=rh-admin,OU="PKI, OU=DoD",O=U.S. Government,C=US"
[14/Jun/2007:12:43:55] warning ( 5979): for host 10.10.10.200 trying to POST /ca/profileSubmitSSLClient, send-file reports: can't find /opt/redhat-cs/cert-id/web-apps/agent/ca/profileSubmitSSLClient (File not found)
Submit a manual request to the CA from the proxy.
Steps to Reproduce:
says "The requested object does not exist on this server. The link you followed is either outdated, inaccurate, or the server has been instructed not to let you have it."
A domain controller certificate.
This event sent from IssueTracker by ble [SEG - Certificate System Engineering]
This is a feature request, so I would like to keep it open to document the
customers requirement to have 7.1 support. I only have privelges to set
it to w/o seg. I can't set it to w/o product management nor can I set it
to w/o engineering. Could you please set it to either one of those.
Internal Status set to 'Waiting on SEG'
This event sent from IssueTracker by ble [SEG - Certificate System
User email@example.com's account has been closed