Menu
▾
▴
Re: [Ejbca-develop] UserDoesntFullfillEndEntityProfile_Exception: Issuance revocation reason 'null' does not match required value '-1'
|
From: ejbca-support <ejb...@pr...> - 2012-09-10 15:45:32
|
Hi,
I don't know how this happened but apparently you have created rather
unusual profiles :-)
Anyway, this time it is the *certificate profile* that is the culprit.
Uncheck all the Approval settings in the end of the dialog.
Cheers,
Anders
On 2012-09-10 17:39, Pallavidino Luc wrote:
> Hi,
>
> It works ! But I have an other problem now. I get this error :
>
> WaitingForApprovalException_Exception: Add Endity Action have been added
> for approval by authorized adminstrators.
>
> I don't want an other approval to add a new end entity for my CA. What I
> need to do, to have this behaviour ?
>
> Thank for your reactivity !
>
> Cheers,
>
> Le 10/09/2012 17:25, ejbca-support a écrit :
>> On 2012-09-10 17:18, Pallavidino Luc wrote:
>>> Hi,
>>>
>>> I try with the profiles "EMPTY" and "ENDUSER", and it works. I don't
>>> where is my error on my profile ... Have you an idea ?
>> I think you should look into the end-entity profile and maybe clear
>> "Revocation reason to set after certificate issuance [?]"
>> if set.
>>
>> As far as I know this is the only revocation-reason-related data.
>>
>> Cheers,
>> Anders
>>
>>> Thank you for your help.
>>>
>>> Le 10/09/2012 16:54, ejbca-support a écrit :
>>>> On 2012-09-10 16:24, Pallavidino Luc wrote:
>>>>> Hello,
>>>>>
>>>>> I try to use EJBCA web service to add a new End entity. But when I want
>>>>> to add a new user with my own authority and my own end entity profile, I
>>>>> get this error :
>>>>>
>>>>> Exception in thread "main"
>>>>> org.ejbca.core.protocol.ws.client.gen.UserDoesntFullfillEndEntityProfile_Exception:
>>>>> Issuance revocation reason 'null' does not match required value '-1'.
>>>>>
>>>>>
>>>>> I don't know what is the problem. May you help me please ?
>>>> Hi,
>>>> I don't know for sure but it feels that there is something wrong with the
>>>> profiles. Could you test with the EMPTY and ENDUSER profiles and see
>>>> if you get a different result?
>>>>
>>>> Cheers,
>>>> Anders
>>>> tech support
>>>>
>>>>
>>>>> This is my code :
>>>>>
>>>>>
>>>>> CertTools.installBCProviderIfNotAvailable();
>>>>> String urlstr = "https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl";
>>>>> System.setProperty("javax.net.ssl.trustStore","p12/cacerts.jks");
>>>>> System.setProperty("javax.net.ssl.trustStorePassword","changeit");
>>>>>
>>>>> System.setProperty("javax.net.ssl.keyStoreType", "pkcs12");
>>>>> System.setProperty("javax.net.ssl.keyStore","p12/testKs.p12");
>>>>> System.setProperty("javax.net.ssl.keyStorePassword","PASSWORDP12");
>>>>>
>>>>> QName qname = new QName("http://ws.protocol.core.ejbca.org/";,
>>>>> "EjbcaWSService");
>>>>> EjbcaWSService service = new EjbcaWSService(new URL(urlstr),qname);
>>>>> EjbcaWS ejbcaraws = service.getEjbcaWSPort();
>>>>>
>>>>> UserDataVOWS user1 = new UserDataVOWS();
>>>>> user1.setUsername("WSTESTUSER25");
>>>>> user1.setPassword("foo12345");
>>>>> user1.setClearPwd(true);
>>>>> user1.setEmail(null);
>>>>> user1.setSubjectDN("CN=WSTESTUSER25,OU=Test,O=ACME,L=CAEN,ST=Calvados,C=FR");
>>>>> user1.setCaName("ACME SIGN CA");
>>>>> user1.setSubjectAltName(null);
>>>>> user1.setStatus(UserDataVOWS.STATUS_NEW);
>>>>> user1.setTokenType("USERGENERATED");
>>>>> user1.setEndEntityProfileName("ACME SIGNATURE ENTITY PROFILE");
>>>>> user1.setCertificateProfileName("ACME SIGNATURE CERTIFICATE PROFILE");
>>>>>
>>>>> ejbcaraws.editUser(user1);
>>>>>
>>>>>
>>>>> Thank you for your help.
>>>>>
>>>>>
>>>
>
>
|
