Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.
we are using in our different environment different versions of EJBCA (3.7.5, 3.9.4,3.10.1). The one that we are planning to use in production environment is the 3.10.1 version. BUT we see there a different behaviour from the other version, and it is how this version enforces SubjectDN uniqueness. We are integrating against the EJBCA with another product, and this one has internally implemented the creation of two certificates authentication, and non-repudiation, but uses the same SubjectDN for both and different user name. This product was first integrated against the 3.7.5 version where it was possible. We plan to use the 3.10.1 version also for some fixes and enhancements, but this is a stop for us right now, that we cannot overcome.
Can somehow this specific behaviour be reverted in the 3.10.1 version, so the SubjectDN uniqueness is not enforced?
Yes it is a configuration in "Edit Certificate Authorities". We just released EJBCA 3.10.2 btw, that is much improved over 3.10.1 :-)
You can deselect "Enforce unique DN" when you edit the CA.
But is this configuration valid for CV certificate? I have two DVCA with same SubjectDN and I deselected "Enforce unique DN" when I edit DVCA but I have the same error.