000022151 - Keon Certificate Authority (KCA) external publishing is not working when using Active Directory baseDN at DC level

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022151
Applies ToKeon Certificate Authority 6.5.1
Microsoft Windows 2000 Advanced Server SP4
Microsoft Active Directory
IssueKeon Certificate Authority (KCA) external publishing is not working when using Active Directory baseDN at DC level
For external publishing, when the BaseDN is DC (e.g. DC=RSA,DC=com), the publishing operation fails. When the BaseDN is set to a subordinate DN (e.g. O=Company, DC=RSA,DC=Com), external publishing works.
CauseIn this instance, Active Directory is returning a referral that is interpreted by RSA CA as an error
ResolutionTo correct this issue, contact RSA Security Customer Support or visit RSA SecurCare Online to get Keon Certificate Authority (KCA) build 247 hot fix.

NOTE: In KCA 6.5.1 build247, referrals are ignored, hence an error is no longer returned.
Legacy Article IDa27090

Attachments

    Outcomes