000014561 - Cert-C: C_SetCertBER() returns E_CERT_EXTENSIONS for a certificate with more than one of the same extension

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014561
Applies ToRSA BSAFE Cert-C
IssueCert-C: C_SetCertBER() returns E_CERT_EXTENSIONS for a certificate with more than one of the same extension
C_SetCertBER() returns E_CERT_EXTENSIONS (0x072a) for a certificate with more than one of the same extension
Resolution

According to RFC 3280 (http://www.ietf.org/rfc/rfc3280.txt):

4.2  Certificate Extensions
...
   A certificate MUST NOT include more than
   one instance of a particular extension.  For example, a certificate
   may contain only one authority key identifier extension


If the certificate has more than one instance of the same extension, Cert-C will reject it.  Have the certificate re-issued with just one instance of the extension.

Legacy Article IDa47782

Attachments

    Outcomes