Menu
▾
▴
ejbca-develop
|
From: Pallavidino L. <luc...@gm...> - 2012-09-10 14:41:13
|
Hello,
I try to use EJBCA web service to add a new End entity. But when I want
to add a new user with my own authority and my own end entity profile, I
get this error :
Exception in thread "main"
org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
Issuance revocation reason 'null' does not match required value '-1'.
I don't know what is the problem. May you help me please ?
This is my code :
CertTools.installBCProviderIfNotAvailable();
String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
System.setProperty("javax.net.ssl.trustStorePassword","changeit");
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
"EjbcaWSService");
EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
EjbcaWS ejbcaraws = service.getEjbcaWSPort();
UserDataVOWS user1 = new UserDataVOWS();
user1.setUsername("WSTESTUSER25");
user1.setPassword("foo12345");
user1.setClearPwd(true);
user1.setEmail(null);
user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
user1.setCaName("ACME SIGN CA");
user1.setSubjectAltName(null);
user1.setStatus(UserDataVOWS.STATUS_NEW);
user1.setTokenType("USERGENERATED");
user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
ejbcaraws.editUser(user1);
Thank you for your help.
--
Pallavidino Luc Ingénieur en monétique et sécurité des systèmes
Tél. : +33-6-8070-3133 Mail : luc...@yo...
|
|
From: ejbca-support <ejb...@pr...> - 2012-09-10 14:54:59
|
On 2012-09-10 16:24, Pallavidino Luc wrote:
> Hello,
>
> I try to use EJBCA web service to add a new End entity. But when I want
> to add a new user with my own authority and my own end entity profile, I
> get this error :
>
> Exception in thread "main"
> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
> Issuance revocation reason 'null' does not match required value '-1'.
>
>
> I don't know what is the problem. May you help me please ?
Hi,
I don't know for sure but it feels that there is something wrong with the
profiles. Could you test with the EMPTY and ENDUSER profiles and see
if you get a different result?
Cheers,
Anders
tech support
>
> This is my code :
>
>
> CertTools.installBCProviderIfNotAvailable();
> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>
> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>
> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
> "EjbcaWSService");
> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>
> UserDataVOWS user1 = new UserDataVOWS();
> user1.setUsername("WSTESTUSER25");
> user1.setPassword("foo12345");
> user1.setClearPwd(true);
> user1.setEmail(null);
> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
> user1.setCaName("ACME SIGN CA");
> user1.setSubjectAltName(null);
> user1.setStatus(UserDataVOWS.STATUS_NEW);
> user1.setTokenType("USERGENERATED");
> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>
> ejbcaraws.editUser(user1);
>
>
> Thank you for your help.
>
>
|
|
From: Pallavidino L. <luc...@gm...> - 2012-09-10 15:18:56
|
Hi,
I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
where is my error on my profile ... Have you an idea ?
Thank you for your help.
Le 10/09/2012 16:54, ejbca-support a écrit :
> On 2012-09-10 16:24, Pallavidino Luc wrote:
>> Hello,
>>
>> I try to use EJBCA web service to add a new End entity. But when I want
>> to add a new user with my own authority and my own end entity profile, I
>> get this error :
>>
>> Exception in thread "main"
>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>> Issuance revocation reason 'null' does not match required value '-1'.
>>
>>
>> I don't know what is the problem. May you help me please ?
> Hi,
> I don't know for sure but it feels that there is something wrong with the
> profiles. Could you test with the EMPTY and ENDUSER profiles and see
> if you get a different result?
>
> Cheers,
> Anders
> tech support
>
>
>> This is my code :
>>
>>
>> CertTools.installBCProviderIfNotAvailable();
>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>
>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>
>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>> "EjbcaWSService");
>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>
>> UserDataVOWS user1 = new UserDataVOWS();
>> user1.setUsername("WSTESTUSER25");
>> user1.setPassword("foo12345");
>> user1.setClearPwd(true);
>> user1.setEmail(null);
>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>> user1.setCaName("ACME SIGN CA");
>> user1.setSubjectAltName(null);
>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>> user1.setTokenType("USERGENERATED");
>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>
>> ejbcaraws.editUser(user1);
>>
>>
>> Thank you for your help.
>>
>>
--
Pallavidino Luc Ingénieur en monétique et sécurité des systèmes
Tél. : +33-6-8070-3133 Mail : luc...@yo...
|
|
From: ejbca-support <ejb...@pr...> - 2012-09-10 15:26:11
|
On 2012-09-10 17:18, Pallavidino Luc wrote:
> Hi,
>
> I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
> where is my error on my profile ... Have you an idea ?
I think you should look into the end-entity profile and maybe clear
"Revocation reason to set after certificate issuance [?]"
if set.
As far as I know this is the only revocation-reason-related data.
Cheers,
Anders
>
> Thank you for your help.
>
> Le 10/09/2012 16:54, ejbca-support a écrit :
>> On 2012-09-10 16:24, Pallavidino Luc wrote:
>>> Hello,
>>>
>>> I try to use EJBCA web service to add a new End entity. But when I want
>>> to add a new user with my own authority and my own end entity profile, I
>>> get this error :
>>>
>>> Exception in thread "main"
>>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>>> Issuance revocation reason 'null' does not match required value '-1'.
>>>
>>>
>>> I don't know what is the problem. May you help me please ?
>> Hi,
>> I don't know for sure but it feels that there is something wrong with the
>> profiles. Could you test with the EMPTY and ENDUSER profiles and see
>> if you get a different result?
>>
>> Cheers,
>> Anders
>> tech support
>>
>>
>>> This is my code :
>>>
>>>
>>> CertTools.installBCProviderIfNotAvailable();
>>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>>
>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>>
>>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>>> "EjbcaWSService");
>>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>>
>>> UserDataVOWS user1 = new UserDataVOWS();
>>> user1.setUsername("WSTESTUSER25");
>>> user1.setPassword("foo12345");
>>> user1.setClearPwd(true);
>>> user1.setEmail(null);
>>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>>> user1.setCaName("ACME SIGN CA");
>>> user1.setSubjectAltName(null);
>>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>>> user1.setTokenType("USERGENERATED");
>>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>>
>>> ejbcaraws.editUser(user1);
>>>
>>>
>>> Thank you for your help.
>>>
>>>
>
>
|
|
From: Pallavidino L. <luc...@gm...> - 2012-09-10 15:39:16
|
Hi,
It works ! But I have an other problem now. I get this error :
WaitingForApprovalException_Exception: Add Endity Action have been added
for approval by authorized adminstrators.
I don't want an other approval to add a new end entity for my CA. What I
need to do, to have this behaviour ?
Thank for your reactivity !
Cheers,
Le 10/09/2012 17:25, ejbca-support a écrit :
> On 2012-09-10 17:18, Pallavidino Luc wrote:
>> Hi,
>>
>> I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
>> where is my error on my profile ... Have you an idea ?
> I think you should look into the end-entity profile and maybe clear
> "Revocation reason to set after certificate issuance [?]"
> if set.
>
> As far as I know this is the only revocation-reason-related data.
>
> Cheers,
> Anders
>
>> Thank you for your help.
>>
>> Le 10/09/2012 16:54, ejbca-support a écrit :
>>> On 2012-09-10 16:24, Pallavidino Luc wrote:
>>>> Hello,
>>>>
>>>> I try to use EJBCA web service to add a new End entity. But when I want
>>>> to add a new user with my own authority and my own end entity profile, I
>>>> get this error :
>>>>
>>>> Exception in thread "main"
>>>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>>>> Issuance revocation reason 'null' does not match required value '-1'.
>>>>
>>>>
>>>> I don't know what is the problem. May you help me please ?
>>> Hi,
>>> I don't know for sure but it feels that there is something wrong with the
>>> profiles. Could you test with the EMPTY and ENDUSER profiles and see
>>> if you get a different result?
>>>
>>> Cheers,
>>> Anders
>>> tech support
>>>
>>>
>>>> This is my code :
>>>>
>>>>
>>>> CertTools.installBCProviderIfNotAvailable();
>>>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>>>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>>>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>>>
>>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>>>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>>>
>>>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>>>> "EjbcaWSService");
>>>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>>>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>>>
>>>> UserDataVOWS user1 = new UserDataVOWS();
>>>> user1.setUsername("WSTESTUSER25");
>>>> user1.setPassword("foo12345");
>>>> user1.setClearPwd(true);
>>>> user1.setEmail(null);
>>>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>>>> user1.setCaName("ACME SIGN CA");
>>>> user1.setSubjectAltName(null);
>>>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>>>> user1.setTokenType("USERGENERATED");
>>>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>>>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>>>
>>>> ejbcaraws.editUser(user1);
>>>>
>>>>
>>>> Thank you for your help.
>>>>
>>>>
>>
--
Pallavidino Luc Ingénieur en monétique et sécurité des systèmes
Tél. : +33-6-8070-3133 Mail : luc...@yo...
|
|
From: ejbca-support <ejb...@pr...> - 2012-09-10 15:45:32
|
Hi,
I don't know how this happened but apparently you have created rather
unusual profiles :-)
Anyway, this time it is the *certificate profile* that is the culprit.
Uncheck all the Approval settings in the end of the dialog.
Cheers,
Anders
On 2012-09-10 17:39, Pallavidino Luc wrote:
> Hi,
>
> It works ! But I have an other problem now. I get this error :
>
> WaitingForApprovalException_Exception: Add Endity Action have been added
> for approval by authorized adminstrators.
>
> I don't want an other approval to add a new end entity for my CA. What I
> need to do, to have this behaviour ?
>
> Thank for your reactivity !
>
> Cheers,
>
> Le 10/09/2012 17:25, ejbca-support a écrit :
>> On 2012-09-10 17:18, Pallavidino Luc wrote:
>>> Hi,
>>>
>>> I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
>>> where is my error on my profile ... Have you an idea ?
>> I think you should look into the end-entity profile and maybe clear
>> "Revocation reason to set after certificate issuance [?]"
>> if set.
>>
>> As far as I know this is the only revocation-reason-related data.
>>
>> Cheers,
>> Anders
>>
>>> Thank you for your help.
>>>
>>> Le 10/09/2012 16:54, ejbca-support a écrit :
>>>> On 2012-09-10 16:24, Pallavidino Luc wrote:
>>>>> Hello,
>>>>>
>>>>> I try to use EJBCA web service to add a new End entity. But when I want
>>>>> to add a new user with my own authority and my own end entity profile, I
>>>>> get this error :
>>>>>
>>>>> Exception in thread "main"
>>>>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>>>>> Issuance revocation reason 'null' does not match required value '-1'.
>>>>>
>>>>>
>>>>> I don't know what is the problem. May you help me please ?
>>>> Hi,
>>>> I don't know for sure but it feels that there is something wrong with the
>>>> profiles. Could you test with the EMPTY and ENDUSER profiles and see
>>>> if you get a different result?
>>>>
>>>> Cheers,
>>>> Anders
>>>> tech support
>>>>
>>>>
>>>>> This is my code :
>>>>>
>>>>>
>>>>> CertTools.installBCProviderIfNotAvailable();
>>>>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>>>>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>>>>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>>>>
>>>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>>>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>>>>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>>>>
>>>>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>>>>> "EjbcaWSService");
>>>>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>>>>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>>>>
>>>>> UserDataVOWS user1 = new UserDataVOWS();
>>>>> user1.setUsername("WSTESTUSER25");
>>>>> user1.setPassword("foo12345");
>>>>> user1.setClearPwd(true);
>>>>> user1.setEmail(null);
>>>>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>>>>> user1.setCaName("ACME SIGN CA");
>>>>> user1.setSubjectAltName(null);
>>>>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>>>>> user1.setTokenType("USERGENERATED");
>>>>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>>>>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>>>>
>>>>> ejbcaraws.editUser(user1);
>>>>>
>>>>>
>>>>> Thank you for your help.
>>>>>
>>>>>
>>>
>
>
|
|
From: Pallavidino L. <luc...@gm...> - 2012-09-10 15:53:53
|
Hi,
It works, I uncheck all the Approval settings, and It works fine.
Thank you for your help and your reactivity !
Cheers,
Le 10/09/2012 17:45, ejbca-support a écrit :
> Hi,
> I don't know how this happened but apparently you have created rather
> unusual profiles :-)
>
> Anyway, this time it is the *certificate profile* that is the culprit.
> Uncheck all the Approval settings in the end of the dialog.
>
> Cheers,
> Anders
>
>
> On 2012-09-10 17:39, Pallavidino Luc wrote:
>> Hi,
>>
>> It works ! But I have an other problem now. I get this error :
>>
>> WaitingForApprovalException_Exception: Add Endity Action have been added
>> for approval by authorized adminstrators.
>>
>> I don't want an other approval to add a new end entity for my CA. What I
>> need to do, to have this behaviour ?
>>
>> Thank for your reactivity !
>>
>> Cheers,
>>
>> Le 10/09/2012 17:25, ejbca-support a écrit :
>>> On 2012-09-10 17:18, Pallavidino Luc wrote:
>>>> Hi,
>>>>
>>>> I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
>>>> where is my error on my profile ... Have you an idea ?
>>> I think you should look into the end-entity profile and maybe clear
>>> "Revocation reason to set after certificate issuance [?]"
>>> if set.
>>>
>>> As far as I know this is the only revocation-reason-related data.
>>>
>>> Cheers,
>>> Anders
>>>
>>>> Thank you for your help.
>>>>
>>>> Le 10/09/2012 16:54, ejbca-support a écrit :
>>>>> On 2012-09-10 16:24, Pallavidino Luc wrote:
>>>>>> Hello,
>>>>>>
>>>>>> I try to use EJBCA web service to add a new End entity. But when I want
>>>>>> to add a new user with my own authority and my own end entity profile, I
>>>>>> get this error :
>>>>>>
>>>>>> Exception in thread "main"
>>>>>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>>>>>> Issuance revocation reason 'null' does not match required value '-1'.
>>>>>>
>>>>>>
>>>>>> I don't know what is the problem. May you help me please ?
>>>>> Hi,
>>>>> I don't know for sure but it feels that there is something wrong with the
>>>>> profiles. Could you test with the EMPTY and ENDUSER profiles and see
>>>>> if you get a different result?
>>>>>
>>>>> Cheers,
>>>>> Anders
>>>>> tech support
>>>>>
>>>>>
>>>>>> This is my code :
>>>>>>
>>>>>>
>>>>>> CertTools.installBCProviderIfNotAvailable();
>>>>>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>>>>>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>>>>>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>>>>>
>>>>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>>>>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>>>>>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>>>>>
>>>>>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>>>>>> "EjbcaWSService");
>>>>>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>>>>>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>>>>>
>>>>>> UserDataVOWS user1 = new UserDataVOWS();
>>>>>> user1.setUsername("WSTESTUSER25");
>>>>>> user1.setPassword("foo12345");
>>>>>> user1.setClearPwd(true);
>>>>>> user1.setEmail(null);
>>>>>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>>>>>> user1.setCaName("ACME SIGN CA");
>>>>>> user1.setSubjectAltName(null);
>>>>>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>>>>>> user1.setTokenType("USERGENERATED");
>>>>>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>>>>>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>>>>>
>>>>>> ejbcaraws.editUser(user1);
>>>>>>
>>>>>>
>>>>>> Thank you for your help.
>>>>>>
>>>>>>
>>
--
Pallavidino Luc Ingénieur en monétique et sécurité des systèmes
Tél. : +33-6-8070-3133 Mail : luc...@yo...
|
