Christian Felsing
2017-05-15 14:54:40 UTC
Hello,
from EJBCA 6.5.0.5 Community (r25663) provided WSDL file
Apache CXF created Java class for UserDataVOWS object:
public class UserDataVOWS {
...
protected String subjectAltName;
...
protected List<ExtendedInformationWS> extendedInformation;
...
public void setSubjectAltName(String value) {
this.subjectAltName = value;
}
...
}
I would have expected something like
this.subjectAltName.add (value);
where subjectAltName would be e.g. a List like extendedInformation.
My application creates all userdata from PKCS#10 request. One unit test
failed. Reason:
PKCS#10 file contains following data, please notice there are two
rfc822names.
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=Joe Job, O=Example, OU=Division, L=Wiesbaden,
ST=Hessen, C=DE
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:86:3c:42:f3:a1:65:41:ac:b8:1e:2c:75:4c:c6:
45:d9:11:15:24:34:35:f0:15:0a:f5:15:ec:54:b3:
66:85:b6:69:6c:b6:93:e7:bd:27:ba:99:78:71:09:
52:c9:dd:a8:dc:08:69:ad:7a:28:f7:0a:30:e1:0e:
05:d8:e3:08:ae
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
email:***@example.com, email:***@example.com
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:83:82:f0:ef:13:20:0a:db:59:6e:0a:94:10:
4d:5e:15:b1:28:7d:5e:44:81:07:69:ac:ae:1c:e9:a5:cb:62:
25:02:20:53:c2:ad:e4:83:da:6e:1b:ee:1a:9b:5a:c0:0c:7c:
f0:9d:f1:37:0f:91:f7:bd:71:d1:79:50:4e:a3:df:9f:72
-----BEGIN CERTIFICATE REQUEST-----
MIIBhzCCAS0CAQAwaTEQMA4GA1UEAwwHSm9lIEpvYjEQMA4GA1UECgwHRXhhbXBs
ZTERMA8GA1UECwwIRGl2aXNpb24xEjAQBgNVBAcMCVdpZXNiYWRlbjEPMA0GA1UE
CAwGSGVzc2VuMQswCQYDVQQGEwJERTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BIY8QvOhZUGsuB4sdUzGRdkRFSQ0NfAVCvUV7FSzZoW2aWy2k+e9J7qZeHEJUsnd
qNwIaa16KPcKMOEOBdjjCK6gYjBgBgkqhkiG9w0BCQ4xUzBRMDcGA1UdEQQwMC6B
FWpvZS5qb2IuMUBleGFtcGxlLmNvbYEVam9lLmpvYi4yQGV4YW1wbGUuY29tMAkG
A1UdEwQCMAAwCwYDVR0PBAQDAgXgMAoGCCqGSM49BAMCA0gAMEUCIQCDgvDvEyAK
21luCpQQTV4VsSh9XkSBB2msrhzppctiJQIgU8Kt5IPabhvuGptawAx88J3xNw+R
971x0XlQTqPfn3I=
-----END CERTIFICATE REQUEST-----
In case of calling method setSubjectAltName (...) twice only second
rfc822name will be applied to EJBCA user for obvious reasons. EJBCA
itself allows multiple subjectAlternativeNames, even of same type.
Any hints, how I can get multiple subjectAlternativeNames into that request?
regards
Christian
from EJBCA 6.5.0.5 Community (r25663) provided WSDL file
Apache CXF created Java class for UserDataVOWS object:
public class UserDataVOWS {
...
protected String subjectAltName;
...
protected List<ExtendedInformationWS> extendedInformation;
...
public void setSubjectAltName(String value) {
this.subjectAltName = value;
}
...
}
I would have expected something like
this.subjectAltName.add (value);
where subjectAltName would be e.g. a List like extendedInformation.
My application creates all userdata from PKCS#10 request. One unit test
failed. Reason:
PKCS#10 file contains following data, please notice there are two
rfc822names.
Certificate Request:
Data:
Version: 0 (0x0)
Subject: CN=Joe Job, O=Example, OU=Division, L=Wiesbaden,
ST=Hessen, C=DE
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:86:3c:42:f3:a1:65:41:ac:b8:1e:2c:75:4c:c6:
45:d9:11:15:24:34:35:f0:15:0a:f5:15:ec:54:b3:
66:85:b6:69:6c:b6:93:e7:bd:27:ba:99:78:71:09:
52:c9:dd:a8:dc:08:69:ad:7a:28:f7:0a:30:e1:0e:
05:d8:e3:08:ae
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
Requested Extensions:
X509v3 Subject Alternative Name:
email:***@example.com, email:***@example.com
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:83:82:f0:ef:13:20:0a:db:59:6e:0a:94:10:
4d:5e:15:b1:28:7d:5e:44:81:07:69:ac:ae:1c:e9:a5:cb:62:
25:02:20:53:c2:ad:e4:83:da:6e:1b:ee:1a:9b:5a:c0:0c:7c:
f0:9d:f1:37:0f:91:f7:bd:71:d1:79:50:4e:a3:df:9f:72
-----BEGIN CERTIFICATE REQUEST-----
MIIBhzCCAS0CAQAwaTEQMA4GA1UEAwwHSm9lIEpvYjEQMA4GA1UECgwHRXhhbXBs
ZTERMA8GA1UECwwIRGl2aXNpb24xEjAQBgNVBAcMCVdpZXNiYWRlbjEPMA0GA1UE
CAwGSGVzc2VuMQswCQYDVQQGEwJERTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BIY8QvOhZUGsuB4sdUzGRdkRFSQ0NfAVCvUV7FSzZoW2aWy2k+e9J7qZeHEJUsnd
qNwIaa16KPcKMOEOBdjjCK6gYjBgBgkqhkiG9w0BCQ4xUzBRMDcGA1UdEQQwMC6B
FWpvZS5qb2IuMUBleGFtcGxlLmNvbYEVam9lLmpvYi4yQGV4YW1wbGUuY29tMAkG
A1UdEwQCMAAwCwYDVR0PBAQDAgXgMAoGCCqGSM49BAMCA0gAMEUCIQCDgvDvEyAK
21luCpQQTV4VsSh9XkSBB2msrhzppctiJQIgU8Kt5IPabhvuGptawAx88J3xNw+R
971x0XlQTqPfn3I=
-----END CERTIFICATE REQUEST-----
In case of calling method setSubjectAltName (...) twice only second
rfc822name will be applied to EJBCA user for obvious reasons. EJBCA
itself allows multiple subjectAlternativeNames, even of same type.
Any hints, how I can get multiple subjectAlternativeNames into that request?
regards
Christian