|Applies To||Keon Certificate Authority 6.5.1|
Microsoft Windows 2000 SP3
Cisco VPN 3000 Concentrator
|Issue||Program Error: "req-authorize.xuda: Line 518: [XrcNOTFOUND] unable to locate requested member or object. Unable to sign certificate [unable to locate requested member or object]" while issuing VPN Server Certificate with KCA|
The CA Jurisdiction is configured for CRL publishing, and will automatically include a CRLdp (CRL Distribution Point extension). The PKCS#10 certificate request also contains a request for a CRLdp. There is a conflict with the automatic CRLdp and the one in the certificate request.
To correct this issue, temporarily disable local CRL Publishing for the target jurisdiction. Then, issue the VPN server certificate. Next, re-enable CRL publishing for the jurisdiction. The VPN certificate will be issued with a CRLdp, and future client certificates will also include this extension. This issue will be resolved in a future KCA version.
A PKCS#10 certificate request object is being used to request a certificate
CRL publishing has been enabled for a jurisdiction
|Legacy Article ID||a19652|