Uploaded image for project: 'Gazelle Security Suite'
  1. Gazelle Security Suite
  2. GSS-336

SN subject attribute is transformed by bouncycastle as SERIALNUMBER

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 5.3.0
    • Component/s: PKI
    • Labels:
      None
    • Account:
      CASC (CASC)

      Description

      The surname subject attribute of a certificate is shorten by GSS as "SN". However, bouncycastle transform "SN" into "SERIALNUMBER" during X509 generation. At the end the subject in the certificate database object and in the X509 certificate is different.

      It does not cause any trouble, expect while importing a certificate into GSS (CA mapping action) or trying to find a X509 certificate based on its GSS' subject.

      The certificate subject must be created using the long attribute version : ie "SURNAME" instead of "SN".
      It may also be interesting to replace all previous ",SN=" substring by ",SERIALNUMBER=" in order certificate db objects match with their X509.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ceoche Cédric EOCHE-DUVAL
                Reporter:
                ceoche Cédric EOCHE-DUVAL
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 5 hours
                  5h
                  Remaining:
                  Time Spent - 3 hours Remaining Estimate - 2 hours
                  2h
                  Logged:
                  Time Spent - 3 hours Remaining Estimate - 2 hours
                  3h

                    Potential Duplicates