Bug 488152 - Cannot have two "cn" values in cert subject DN
Cannot have two "cn" values in cert subject DN
Status: CLOSED CURRENTRELEASE
Product: Red Hat Directory Server
Classification: Red Hat
Component: Doc-administration-guide (Show other bugs)
8.0
All Linux
low Severity high
: ---
: ---
Assigned To: Deon Ballard
Content Services Development
: Documentation
Depends On:
Blocks: 249650
  Show dependency treegraph
 
Reported: 2009-03-02 16:37 EST by Rich Megginson
Modified: 2009-08-19 23:38 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-05-01 17:47:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rich Megginson 2009-03-02 16:37:55 EST
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_SSL-Using_certutil.html#certutil-procedure

step 7

The subject DN cannot have two "cn" values.  This causes some clients to become confused.  For best results, use only 1 "cn" in the subject DN, make the "cn" the leftmost value, and make sure the value of "cn" is the fully qualified host and domain name of the server machine for the server you are generating the cert.

cn=ldap.example.com, cn=Directory Server <- BAD
ou=Directory Server, cn=ldap.example.com <- BAD
cn=ldap, ou=Directory Server <- BAD
cn=ldap.example.com, ou=Directory Server <- GOOD
Comment 1 Deon Ballard 2009-05-01 17:47:38 EDT
Added a note to step 7:
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_SSL-Using_certutil.html#certutil-procedure

This is related to bug 492135.

Closing.

Note You need to log in before you can comment on or make changes to this bug.