Announcement Announcement Module
Collapse
No announcement yet.
Adding X509 or other Binary Data Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding X509 or other Binary Data

    Trying to add a binary (DER encoded) X509 to an LDAP store. We are doing:

    context.setAttributeValue("userCertificate", certByteArray);

    Throwing an exception:
    org.springframework.ldap.UncategorizedLdapExceptio n: Operation failed; nested exception is javax.naming.directory.InvalidAttributeIdentifierE xception: [LDAP: error code 17 - userCertificate: requires ;binary transfer]; remaining name 'cn=dbreese,dc=my-domain,dc=com'

    LDAP schema for userCertificate is from core.schema:
    attributetype ( 2.5.4.36 NAME 'userCertificate'
    DESC 'RFC2256: X.509 user certificate, use ;binary'
    EQUALITY certificateExactMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

    It appears that perhaps we must somehow transfer the X509 in binary mode, but can't find much information on how to do that.

    I'd imagine same issues would be for sending any binary attributes such as JPEG, etc.

    Any ideas on how to force transfer in binary mode for a particular attribute?

    Thanks,
    Dustin

  • #2
    Well, this doesn't have anything to do with Spring LDAP, rather the LDAP protocol itself.

    As described here you'll need to specify the attribute name as 'userCertificate;binary" which should cause it to be transferred properly.

    Haven't tried it though so there's no guarantee it will work.

    Comment


    • #3
      Your suggestion worked like a charm --

      context.setAttributeValue("userCertificate;binary" , certByteArray);

      Thanks,
      Dustin

      Comment

      Working...
      X