Publishing certificates with multiple OU values
Originally Published: 2003-01-07
Article Number
Applies To
Sun Solaris 2.8
Microsoft Windows 2000
Issue
confirmEntry: unable to locate or add entry [CN=John Doe, OU=IT Dept, OU=Security, OU=Acme Class3 CA, O=Acme Inc., dc=cert,dc=acme, dc=com]
Cause
dc=cert,dc=acme, dc=com
O=Acme Inc.
OU=Acme Class3 CA
The external publishing of Keon Certificate Authority has been configured as follows:
Base DN: dc=cert,dc=acme, dc=com
Certificate DN: CN,OU,O
A bug in version 6.0.2 allowed certificates with multiple OU values to be published to this point; the bug has now been corrected in KCA 6.5, and the same publishing scheme will value the given error.
Resolution
Base DN: OU=Acme Class3 CA,O=Acme Inc.,dc=cert,dc=acme, dc=com
Certificate DN: CN
This will now mean that only the CN value is used from the certificate and will publish to the OU=Acme Class3 CA part of your tree.
Workaround
Related Articles
How to publish CA certificate and user certificate under the same OU ? Number of Views Leaver Rule–Deprovision is not moving Disabled Accounts to the Disabled OU in RSA Governance & Lifecycle Number of Views How to Include or Exclude an Active Directory OU from the Microsoft LDAP directory on RSA Authentication Manager 8.x Number of Views What is the impact of a domain migration in RSA Identity Governance and Lifecycle Number of Views How do you merge FSM audit logs? Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
