Created attachment 330110 [details] Bugfix patch Description of problem: SubjectAltNameExtDefault does not process OtherName extension type correctly if UUID generation is not used. Version-Release number of selected component (if applicable): 1.0.0 How reproducible: Always Steps to Reproduce: 1. Create a profile with subject alternative name extension of OtherName type using SubjectAltNameExtDefault impl without using UUID generation feature. E.g. specify (KerberosName)realm|1|test in pattern. 2. Create certificate request and try generating certificate. Actual results: Certificate will not contain SAN extension. Following can be found in debug logs: SubjectAltNameExtDefault: createExtension - unsupported server-generated type: . Supported: UUID4 Expected results: Certificate should contain properly generated SAN extension. Additional info: See patch and workaround submitted
Created attachment 330111 [details] Workaround for 1.0.0 version In order to use the workaround place it into /var/lib/pki-ca/webapps/ca/WEB-INF/classes/com/netscape/cms/profile/def and re-define subjectAltNameExtDefaultImpl profile plugin using com.netscape.cms.profile.def.SubjectAltNameExtDefaultFixed class instead of com.netscape.cms.profile.def.SubjectAltNameExtDefault.
Created attachment 333410 [details] fix for the OtherName also took the opportunity to remove/replace the ugly tabs that I introduced from the past. awnuk please review.
attachment (id=333410) +awnuk
$ svn commit SubjectAltNameExtDefault.java Sending SubjectAltNameExtDefault.java Transmitting file data . Committed revision 256.