I am trying to add a entry for CA certificate without authorityRevocationList
. But i get this error:
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'certificationAuthority' requires attribute 'authorityRevocationList']
But as far as i Know authorityRevocationList
attribute is not mandatory .
Here is my code:
FileInputStream fr = new FileInputStream("jack.cer");
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate crt = (X509Certificate) cf.generateCertificate(fr);
Attribute oc = new BasicAttribute("objectClass");
oc.add("person");
oc.add("inetOrgPerson");
oc.add("certificationAuthority");
Attributes entry = new BasicAttributes();
String entryDN=""Cn=test,dc=maxcrc,dc=com";
entry.put("sn", entryDN);
entry.put("cACertificate;binary", crt.getEncoded());
entry.put(oc);
try {
ctx.createSubcontext(entryDN, entry);
} catch (NamingException e) {
e.printStackTrace();
}
Any help would be appreciated.
I solved the problem by using pkiCA object class instead of certificationAuthority object class.Here is the working code.
FileInputStream fr = new FileInputStream("jack.cer");
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate crt = (X509Certificate) cf.generateCertificate(fr);
Attribute oc = new BasicAttribute("objectClass");
oc.add("person");
oc.add("inetOrgPerson");
oc.add("pkiCA");
Attributes entry = new BasicAttributes();
String entryDN=""Cn=test,dc=maxcrc,dc=com";
entry.put("sn", entryDN);
entry.put("cACertificate;binary", crt.getEncoded());
entry.put(oc);
try {
ctx.createSubcontext(entryDN, entry);
} catch (NamingException e) {
e.printStackTrace();
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.