An open source enterprise digital identity platform for CIAM or workforce... Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO
Create certificate adding in the subjectDN this jurisdictionCountryName attribute.
Pass via client registration request field tls_client_auth_subject_dn.
Error will be thrown when processing MTLS.
[io.jans.as.server.auth.AuthenticationFilter] (AuthenticationFilter.java:227) - Unknown object id - jurisdictionCountryName - passed to distinguished name java.lang.IllegalArgumentException: Unknown object id - jurisdictionCountryName - passed to distinguished name”
Expected behavior
jurisdictionCountryName should be supported because this is part of Brazil OpenBanking specs.
Actual behavior
BouncyCastle doesn't process it because jurisdictionCountryName is not a standard attribute.
As part of OpenBanking Brazil, they have request (https://support.gluu.org/authentication/9904/support-for-short-name-tls_client_auth_subject_dn/) to use
jurisdictionCountryName
in their certificates, however when Janssen AS is processing MTLS, it's throwing an exception because of this attribute is not supported, this is not part of the standard list of attributes.Steps To Reproduce
subjectDN
thisjurisdictionCountryName
attribute.tls_client_auth_subject_dn
.[io.jans.as.server.auth.AuthenticationFilter] (AuthenticationFilter.java:227) - Unknown object id - jurisdictionCountryName - passed to distinguished name java.lang.IllegalArgumentException: Unknown object id - jurisdictionCountryName - passed to distinguished name”
Expected behavior
jurisdictionCountryName
should be supported because this is part of Brazil OpenBanking specs.Actual behavior
BouncyCastle doesn't process it because
jurisdictionCountryName
is not a standard attribute.