Closed brendankearney closed 7 months ago
While PLA v1.2 does not support RFC3866, it also does not implement RFC4512 - attribute options.
This is something I hope to make working in PLA v2, but it wont be addressed in v1.2.
thanks for taking a look
Describe the bug with the new auto-ca overlay initiated, caCertificate and caPrivateKey objects are created in the base DIT. when attempting to view the base DN, i get errors showing "phpLDAPadmin doesnt support RFC3866." This is a red herring, as the caCertificate and caPrivateKey objects are binary object types. it seems that there is some crossed signals around language tags and the cert/key syntax.
To Reproduce Steps to reproduce the behavior:
phpLDAPadmin doesnt support RFC3866. PLA might not do what you expect... {cacertificate;binary} (a:1:{s:6:"values";a:1:{i:0;s:878:"0�j0�R� �F= x�s�0 �H�� 0+10 �&���,dcom10 �&���,dbpk20 240117175615Z 340116175615Z0+10 �&���,dcom10 �&���,dbpk20�"0 �H�� �0� ��@�?�
�1�}�!���طb*VțDZ�(��H�(<�r�9@�<�Z��\����>��y��j���̬s���ڏ]ϰ�H�],���'����1s| �4��s^a-��V:a���R҇c�|�u5\�|��T��IP#|�E&��W�?��SqH;'<���%����a��8���!��N�w�~�t@�o���5/��(w�4�@�5^l� W%��-�uɐx=K���L��/B �α\7;�.{F��5�[2:�������0��0U�^�L\�w���z2s�
T�H:0U#0��^�L\�w���z2s�T�H:0U�0�0U�0-
�H��B OpenLDAP automatic certificate0 �H�� ���|�e�y�:ca���&jG�����W ��}Q�W��q��=^� >N�ZY�2�S@��)l�x�����q��FB9���R����i:o] ����l��q�ڻ)ͪ���\��N~�[��^���8���8,��>����T�u`�z�t�Ve�ǫR ���$&a�����l�ƌ(�ĉ�G��D�� ⦇ �;ɲ�=��f������F�(�(���%X�q����,�+0�ݖ��";}})and
phpLDAPadmin doesnt support RFC3866. PLA might not do what you expect... {caprivatekey;binary} (a:1:{s:6:"values";a:1:{i:0;s:1216:"0��0 �H�� ��0����@�?�`�1�}�!���طbVțDZ�(��H�(�r�9@�<�Z��\������y��j���̬s���ڏ]ϰ�H�],���'����1s| �4��s^a-��V:a���R҇c�|�u5\�|��T��IP#|�E&��W�?��SqH;'<���%����a��8���!��N�w�~�t@�o���5/��(w�4�@�5^l� W%��-�uɐx=K���L��/B �α\7;�.{F��5�[2:������W� ���;�W���ň�f�&<C�A�4(�8:n�
i¾�����5b ��� ��tJ��_=����g�&��ot����/���8K����rܴ��w,ݝc��#���d�����ss��C7\Ϣ[=��L���cg�T 5V���h���� g�Vӟ;o�5�-�"� $��������B!#UO�Q%�,a����g\��a��,�|����ʭ�#�@X��@E]�G< �_�2�]�*B��AS�����?�Y��y<��ؤ�\�4� E� ��/�
Ǚ���Ů�� +;š� $����f�w.��ӭs\�x �-���ra���� ;�KAE[�G�G�bV�v�M����X}cշy7��f��GP7L������?w��0�r��Kmj1Op���;��n��?�0'm��?ݼ�g���s�[�� E��n)�r&/W���Hbt��F������Q��)ZwS��K�ʯ��c|��B+fG��͋��W��r�8�l��g5�<(꺗�Aq����K,��Yi���F��(�ᖐ"2�N���*�vB̺Dv�Aw�D�k�B��b�U�I���&A���Vm���˱,|��;\R���-��@����:F�S �=�P��q�
v��$�#�<";}})Expected behavior the caCertificate and caPrivateKey object would be displayed as binary blobs/values
Screenshots
LDAP Server details (please complete the following information):
Additional context a seach of the base DIT, using command line tools:
[brendan@server3 ~]$ ldapsearch -b dc=bpk2,dc=com -s base ... cACertificate;binary:: MIIDajCCAlKgAwIBAgIJAOYXqp+0mbCi... ... cAPrivateKey;binary:: MIIEvQIBADANBgkqhkiG9w...