000022831 - Error in OCSP Bind Object PORT attribute XrcNOTFOUND

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022831
Applies ToKeon Certificate Authority 6.5
Sun Solaris 2.8
IssueError in OCSP Bind Object PORT attribute XrcNOTFOUND
(ERROR) Error in OCSP Bind Object PORT attribute XrcNOTFOUND Object DN:md5=d194422825f9bb0e35ff2e549f8614a2,md5=d194422825f9bb0e35ff2e549f8614a2
CauseThis error message is merely cosmetic - it actually will not cause a problem to the running of KCA or using OCSP; it is caused by the ordering of specific ACL rules in the KCA database
ResolutionTo stop the error message from occurring, swap the order of the 2 ACL rules using the following steps:

- Select "System Configuration" Workbench

- Click on LDAP rules on the left side. This now displays and editbox of all your LDAP rules. Scroll down about 3/4 down the page to find the following two rules:

access to filter="objectclass=xuda_ocsp_bind" attrs=port,usepolicy,sslkeyfile,sslcertfile,verifyrequestpolicy,verifyrqlevelpolicy,sslpkiport,sslpkihost,ocsp_id
       by dn="md5=0a72f41efed54a2a81dae3f330813c09" write
       by dn=".*" none

access to filter="objectclass=xuda_ocsp_bind"
       by dn="md5=0a72f41efed54a2a81dae3f330813c09" write
            by dn=".*" read

Simply edit the window so the order shows as follows:

access to filter="objectclass=xuda_ocsp_bind"
       by dn="md5=0a72f41efed54a2a81dae3f330813c09" write
            by dn=".*" read

access to filter="objectclass=xuda_ocsp_bind" attrs=port,usepolicy,sslkeyfile,sslcertfile,verifyrequestpolicy,verifyrqlevelpolicy,sslpkiport,sslpkihost,ocsp_id
       by dn="md5=0a72f41efed54a2a81dae3f330813c09" write
       by dn=".*" none


Lastly, press "Save ACL rules to database" at the bottom of the page. When the KCA is next restarted, the error message (seen in the webserver log and syslog) will no longer be present.
Legacy Article IDa14737

Attachments

    Outcomes