Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

error message

Help
stef_204
2007-07-07
2013-03-09
  • stef_204
    stef_204
    2007-07-07

    Hi,
    I am getting this error message when trying to create a user cert signed by self-signed CA:

    The following error occured:
    error:2207507C:X509 V3 routines:v2i_GENERAL_NAME_ex:missing value
    (pki_x509)

    I can't figure what that is and it is constantly repeating on each attempt I make to create a user cert....

     
    • Did you edit the extensions (subject alternative name, issuer alternative name, CRL distribution point etc.)
      by hand or by the "edit" button ?
      Try leaving them empty one by one and see if the error disappears.

       
      • stef_204
        stef_204
        2007-07-11

        This is for a User cert, btw.

        Yes, you are correct; I did edit the subject alternative name and put User's email address there--so it shows up.

        Also, under Key Usage, on the left side, I selected the box "critical" and under that section I highlighted: Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment.

        Under Extended Key Usage, I selected the box "critical" and highlighted:
        TLS Web Client Authentication, Code Signing, Email Protection, Time Stamping, Microsoft Server Gated Crypto, Microsoft Encrypted File System, Netscape Server Gated Crypto, Smartcard logon.

        I have no real idea if doing all of that is necessary or not.  Is it?

        I hope I can resolve this quickly as I have a client waiting for his cert right now...! :)

         
        • > Yes, you are correct; I did edit the subject alternative name and put User's email address there--so it shows up.
          The input field contains something like: "email:user@provider.com" ? The "email:" is important !

           
    • stef_204
      stef_204
      2007-07-11

      I forgot to put the "email:"--that could have been the problem....
      I'll try again putting "email:user@provider.com".
      Thanks.

       
      • That's why I added the "edit" button: To get that entries right and allow error checking before creating the certificate).
        Just try it!

         
    • stef_204
      stef_204
      2007-07-12

      Yes, all is fine. You are good!

       
    • stef_204
      stef_204
      2007-07-14

      Actually, I never really "noticed" the Edit" buttons so never used them.
      That is quite ingenious!
      You can validate, etc.
      Really excellent, I must say :)