[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
certificateExactMatch doesn't work
I'd like to do searching on userCertificate, so I've extended standard
schema.
attributetype ( 2.5.4.36 NAME 'userCertificate'
DESC 'RFC2256: X.509 user certificate, use ;binary'
EQUALITY certificateExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
I've put example certificate:
$ ldapmodify -x
dn: uid=dexter,ou=People,dc=example,dc=net
changetype: modify
add: userCertificate;binary
userCertificate;binary:: MIIDLTCCApagAwIBAgIBADANB...
...
-
modifying entry "uid=dexter,ou=People,dc=example,dc=net"
Tried to search:
ldapsearch -P3 -x -b dc=example,dc=net
"(userCertificate:certificateExactMatch:=0 $
emailAddress=personal-freemail@thawte.com,CN=Thawte Personal Freemail
CA,OU=Certification Services Division,O=Thawte Consulting,L=Cape
Town,ST=Western Cape,C=ZA)"
but it doesn't work. Why?
The output from debug:
=> ldap_dn2bv(16)
<= ldap_dn2bv(email=personal-freemail@thawte.com,cn=thawte personal
freemail ca,ou=certification services division,o=thawte
consulting,l=cape town,st=western cape,c=za,16)=0
dnMatch 153
"email=personal-freemail@thawte.com,cn=thawte personal freemail
ca,ou=certification services division,o=thawte consulting,l=cape
town,st=western cape,c=za"
"(null)"
certificateExactMatch 153
"0 $ email=personal-freemail@thawte.com,cn=thawte personal
freemail ca,ou=certification services division,o=thawte
consulting,l=cape town,st=western cape,c=za"
"(null) $ (null)"
<= test_filter 5
ldbm_search: candidate entry 4 does not match filter
====> cache_return_entry_r( 4 ): returned (0)
--
Piotr Roszatycki, Netia Telekom S.A. .''`.
mailto:Piotr_Roszatycki@netia.net.pl : :' :
mailto:dexter@debian.org `. `'
`-