000021777 - How to determine if user already has a certificate in Keon OneStep

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021777
Applies ToKeon Certificate Authority OneStep 6.5.1
IssueHow to determine if user already has a certificate in Keon OneStep
CauseOneStep plugin may want to prevent the issuing of a new certificate for users who already have a valid cert
ResolutionThis can be accomplished by integrating KCA-API sample code from samples/storageSamples/LDAPSearchSimple into the OneStep plugin KCSOSExchange function. Using the KCA-API call XudaLDAPSearchSimple to do the check would look something like this:

// check for cert based on user id
status = XudaLDAPSearchSimple(session, "xuda_certificate", "cn",
   XudaXPTUTF8Temp(userName), &xanyList);

if (status == XrcNOTFOUND) // user has no cert, proceed
...
Legacy Article IDa24925

Attachments

    Outcomes