When running the Cert-C ME cert sample to read in a DSA certificate, the following error is returned:
>cert -in dsa.cer -inform bin -text
Unable to load the certificate
Error: (10008) NOT_FOUND
A possible cause is a bug in Cert-C ME release 1.5.0.7 and earlier, where it cannot load a DSA certificate that does not have a NULL parameter in the signature algorithm. According to RFC 3279 (http://www.ietf.org/rfc/rfc3279.txt), this is correct -- the DSA signature should not have a NULL parameter specified:
--------------------------------------------------------------------------------------------
id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) x9-57 (10040)
x9cm(4) 3 }
When the id-dsa-with-sha1 algorithm identifier appears as the
algorithm field in an AlgorithmIdentifier, the encoding SHALL omit
the parameters field. That is, the AlgorithmIdentifier SHALL be a
SEQUENCE of one component: the OBJECT IDENTIFIER id-dsa-with-sha1.
--------------------------------------------------------------------------------------------
But somehow, the Cert-C ME toolkit expects a NULL parameter to be there. This bug has been resolved in Cert-C ME 1.5.0.8.
Related Articles
Emergency Bug Fix 112194 Number of Views How are keys stored in disk and memory cache? Number of Views Web Server Will Not Start Up After Applying Service Pack 2 Number of Views When re-imaging SA.1.3 via idrac and getting error "copy of uudecode failed" Number of Views RSA Governance & Lifecycle Services 101: Reports Charts & Dashboards - What are they and how can you build them? Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process How to Update the Root (Server) and Client Certificates in RSA Identity Governance & Lifecycle RSA Authenticator 6.2.2 for Windows Administrator Guide RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
