000020139 - How to delete End-Entity certificates upon Revocation in Keon Certificate Authority

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000020139
Applies ToKeon Certificate Authority 6.5
iPlanet 5.1 Directory Server
Sun Solaris 2.8
Microsoft Windows 2000
Sun ONE Directory Server 5.1
IssueHow to delete End-Entity certificates upon Revocation in Keon Certificate Authority
Error message displayed in event log or syslog:
Jan 16 23:39:15 kca.acme.com xudad[1412]: [ID 373491 local0.info] (INFORMATION) Push certificate: `CN=John Doe, OU=Test, OU=Root Class1 CA, O=Acme Inc., dc=testca, dc=acme, dc=com', operation: delete, attribute: `userCertificate', length: 1288
Jan 16 23:39:15 kca.acme.com xudad[1412]: [ID 373491 local0.info] (AUDIT FAILURE) Client certificate deletion publication:  md5=23e56b20effe7da7b09288ea14381665 failed [XrcXUDAUNABLE:unable to contact directory server]
Entry in access log for the directory server:
[16/Jan/2003:23:39:14 +0800] conn=20 op=17 MOD dn="CN=John Doe, OU=Test, OU=Root Class1 CA, O=Acme Inc., dc=testca, dc=acme, dc=com"
[16/Jan/2003:23:39:14 +0800] conn=20 op=17 RESULT err=32 tag=103 nentries=0 etime=0
CauseThe user entry has either never been created in the directory server or has been deleted by an administrator. Since the entry does not exist, the attempt to delete the certificate will generate a failure message.
ResolutionThere is no fix for this, since in practice there is no error. Inspect your Directory Server for what should be there; for the example above, the Directory Server reports that it cannot find the following:

dc=testca, dc=acme, dc=com
        O=Acme Inc.
                OU=Root Class1 CA
                        OU=Test
                                CN=John Doe

NOTE: See also How to delete End-Entities certificates on Revocation
WorkaroundA certificate has been revoked
Legacy Article IDa14856

Attachments

    Outcomes