Importing an external public key certificate fails with error: "-1232 0xFFFFFB30 PKI E SUBJECT NAME COMPARISON FAILURE"
(Last modified: 03Dec2002)
This document (10052843) is provided subject to the disclaimer at the end of this document.
fact
Certificate Server 2.02
symptom
Importing an external public key certificate fails with error: "-1232 0xFFFFFB30 PKI E SUBJECT NAME COMPARISON FAILURE"
The external Certificate Authority (CA) which issued the Certificate changed the subject name based on it´s naming policy
fix
Install the Certificate Server Enhancement Pack (cs2ep2.exe) which includes a fix for this problem.
- Rename the ConsoleOne PKI snapin from PKI.JAR to PKI.OLD.
- Run ConsoleOne and edit the attribute "NDS PKI: Subject Name" stored on the KMO Object.
- Change the subject name on the KMO object to match the subject name assigned by the CA.
Use NWADMIN and its PKI snapins to store the certificate
note
Notes:
Every x509v3 Public Key Certificate stores an attribute called Subject Name which will be defined during the creation of the Certificate Signing Request (CSR). The Key Material Object (KMO) holds an attribute named "NDS PKI: Subject Name" which stores the subject name. Importing a Certificate will cause Certificate Server to compare the Subject Name stored on the Certificate against the attribute "NDS PKI: Subject Name" on the KMO Object. If they do not match Certificate Server will report this with the error -1232.
document
| Document Title: | Importing an external public key certificate fails with error: "-1232 0xFFFFFB30 PKI E SUBJECT NAME COMPARISON FAILURE" |
| Document ID: | 10052843 |
| Solution ID: | NOVL9996 |
| Creation Date: | 08May2000 |
| Modified Date: | 03Dec2002 |
| Novell Product Class: | NetWare Novell eDirectory Novonyx Web Services |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.