[Date Prev][Date Next] [Chronological] [Thread] [Top]

userCertificate - value #0 invalid per syntax [repost]

To: openldap-software@OpenLDAP.org
Subject: userCertificate - value #0 invalid per syntax [repost]
From: kallen@muppetlab.net
Date: Fri, 17 Dec 2004 07:54:44 -0800 (PST)

[repost - i never saw this show up on the list..]

i'm trying to insert values for the userCertifcate attribute in LDAP.
i understand the syntax to be as follows:

  userCertificate;binary:: MIICxDCCAi2gAwIBAgIDIDANbgkqn [snip]

when i attempt to load an ldif file containing this attribute, i get
this error:

  ldap_add: Invalid syntax (21)
     additional info: userCertificate;binary: value #0 invalid per syntax

however, the syntax in the ldif looks perfectly fine. what's going on?
what am i missing? further details:

i take my id_dsa.pub key and encode it:

  $ perl -MMIME::Base64 -e 'print encode_base64("ssh-dss AAAAB[snip] \
  c6wng5XdJcoI9YXigyNpTcq6A== kallen@arsenal");'

which produces:
  
c3NoLWRzcyBBQUFBQjNOemFDMWtjM01BQUFDQkFLdmw0VTJiTi93NHVqWDhGQncvL0hyQks5S1NM
[snip 9 lines]
Y29JOVlYaWd5TnBUY3E2QT09IGthbGxlbg==

i remove the newlines from this encoded key to make it one line, and then
place it in the ldif as the value of userCertificate:

  userCertificate;binary:: c3NoLWRzcyBBQ[snip]hbGxlbg==

the ldif looks like:

  dn: cn=Kallen,ou=People,dc=testdomain,dc=com
  cn: Kallen
  sn: Allen
  objectclass: top
  objectclass: person
  objectclass: organizationalPerson
  objectclass: posixAccount
  objectclass: inetOrgPerson
  objectclass: strongAuthenticationUser
  uid: kallen
  userPassword:{MD5}blahblahblah
  uidNumber: 1000
  gidNumber: 1050
  loginShell: /bin/bash
  homeDirectory: /home/kallen
  userCertificate;binary:: c3NoL[snip]

then i load it with

  ldapadd -x -D "cn=Manager,dc=shopping,dc=com" -W -f test.ldif

and the result is;

  adding new entry "dc=testdomain,dc=com"
  adding new entry "ou=People,dc=testdomain,dc=com"
  adding new entry "ou=Groups,dc=testdomain,dc=com"
  adding new entry "cn=Manager,dc=testdomain,dc=com"
  adding new entry "cn=Kallen,ou=People,dc=shopping,dc=com"
  ldap_add: Invalid syntax (21)
    additional info: userCertificate;binary: value #0 invalid per syntax

the schemas i have included in slapd.conf are core.schema, cosine.schema,
inetorgperson.schema, nis.schema.

much thanks in advance,
k

-- 
"More than any other time in history, mankind faces a cross-roads.
One path leads to despair and utter hopelessness. The other, to
total extinction. Let us pray we have the wisdom to choose correctly."

-- Woody Allen

Prev by Date: No structuralObjectClass for entry (cn=Admin,o=Cybertek,c=ZA)
Next by Date: Re: userCertificate - value #0 invalid per syntax [repost]
Index(es):
- Chronological
- Thread