On 03/25/2011 07:12 AM, Luke Schierer wrote:
<snip>
> Should the 389ds be able to understand
"usercertificate;binary", and is
> this a misconfiguration on my part in the directory server, or is that
> not
> something I should be expecting the directory to understand?
the ;binary option was defined in
http://www.ietf.org/rfc/rfc2251.txt
but dropped in
http://www.ietf.org/rfc/rfc4511.txt (see C.1.7. Section
4.1.5.1 (Binary Option) and others)
So the real fix would be to change the client app to not use ";binary".
You could also file a bug/RFE against 389 to add support for legacy apps
that still use ";binary". Another fix would be to add a duplicate
attribute "usercertificate;binary" which is a duplicate of the
userCertificate attribute.
Thanks for this information. Based on your reply, I have submitted a bug
to my upstream vendor for the client app.
I would like to try creating an attribute, "usercertificate;binary" as a
temporary work around while I wait for the client app to be fixed.
However, when I go into the console to the configuration tab and then into
the schema object in the tree, I get an error when I attempt to create the
attribute. As soon as I type in the semi-colon character in the attribute
name, the text "Attribute Name" turns red and the "ok" button greys
out.
It appears that is an illegal attribute name.
If I were to manually edit the schema files, would it work, or would it
break things?
Thanks!!
Luke