Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-122767

ATTR_NAME_BY_OID is missing OID 2.5.4.97, organizationIdentifier

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • rhel-10.2
    • rhel-9.6, rhel-10.0
    • ipa
    • ipa-4.12.2-27.el10
    • None
    • Low
    • 1
    • rhel-idm-ipa
    • 13
    • 15
    • 1
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • IPA: RHELs for 10.2 and 9.8
    • Pass
    • Automated
    • Unspecified Release Note Type - Unknown
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      trying to install ipa with IPA's CA cetificate with OID 2.5.4.97, organizationIdentifier, in the DN, fails because it's missing from ATTR_NAME_BY_OID

      What is the impact of this issue to you?

      Compliance to EU regulations

      Please provide the package NVR for which the bug is seen:

      ipa-server-4.12.2-14.el9_6.5.x86_64

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. sign the CSR with CA that has OID 2.5.4.97 in subject DN
      2. try to install it either during two-step IPA installation, or via `ipa-cacert-manage renew`
      3. Installation fails with error
      4. [error] InvalidSyntax: ipaCaIssuerDN: value #0 invalid per syntax: Invalid syntax.

      Expected results

      installation succeeds

      Actual results

        1. ipaserver-install.log
          752 kB

              frenaud@redhat.com Florence Renaud
              rhn-support-asharov Aleksandr Sharov
              Florence Renaud Florence Renaud
              PRANAV THUBE PRANAV THUBE
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: