000023850 - No Common Name (CN) in the CA causes Keon Registration Authority (KRA) to fail during upgrade

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000023850
Applies ToKeon Registration Authority
IssueNo Common Name (CN) in the CA causes Keon Registration Authority (KRA) to fail during upgrade
read_ca_from_cert: Error getting cn
When performing an upgrade to 6.0.X, if the System and Admin CA's do not have Common Names (CNs) defined, the upgrade will fail as follows:

2002.03.12-21:26: --------------------------------------------------------
2002.03.12-21:26:                 B E G I N   I N S T A L L
2002.03.12-21:26: --------------------------------------------------------
2002.03.12-21:26: Processing old Log Server configuration file...
2002.03.12-21:26: Processing old Directory configuration file...
2002.03.12-21:26: Processing old Administration configuration file...
2002.03.12-21:27: read_ca_from_cert: Caught Standard Library Exception.
read_ca_from_cert: Error getting cn
--- read_ca_from_cert: Caught Standard Library Exception.
read_ca_from_cert: Error getting cn
2002.03.12-21:27: UpgraderApp::GleanSigningCA: Caught Standard Library Exception.
read_ca_from_cert: Caught Standard Library Exception.
read_ca_from_cert: Error getting cn
--- UpgraderApp::GleanSigningCA: Caught Standard Library Exception.
read_ca_from_cert: Caught Standard Library Exception.
read_ca_from_cert: Error getting cn
2002.03.12-21:27: Install: Caught XDK Exception.
--- UpgraderApp::GleanSigningCA: Caught Standard Library Exception.
read_ca_from_cert: Caught Standard Library Exception.
read_ca_from_cert: Error getting cn
CauseThere is a bug in the 6.0 upgrader which assumes all the CAs have CNs defined
ResolutionRSA Security has created a hot fix (ref tst00027198) to address this issue. This was fixed in KRA version 6.0.2. Please contact RSA Security Technical Support and request the latest build of the product, which will contain the fix.

Also, a similar problem exists in the KCA. Please refer to the solution titled Keon: Upgrade to KCA 6.0 fails if Admin or System CAs have no CN defined for full details.
Legacy Article IDa11640

Attachments

    Outcomes