When running the Cert-C ME cert sample to read in a DSA certificate, the following error is returned:
>cert -in dsa.cer -inform bin -text
Unable to load the certificate
Error: (10008) NOT_FOUND
A possible cause is a bug in Cert-C ME release 1.5.0.7 and earlier, where it cannot load a DSA certificate that does not have a NULL parameter in the signature algorithm. According to RFC 3279 (http://www.ietf.org/rfc/rfc3279.txt), this is correct -- the DSA signature should not have a NULL parameter specified:
--------------------------------------------------------------------------------------------
id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
iso(1) member-body(2) us(840) x9-57 (10040)
x9cm(4) 3 }
When the id-dsa-with-sha1 algorithm identifier appears as the
algorithm field in an AlgorithmIdentifier, the encoding SHALL omit
the parameters field. That is, the AlgorithmIdentifier SHALL be a
SEQUENCE of one component: the OBJECT IDENTIFIER id-dsa-with-sha1.
--------------------------------------------------------------------------------------------
But somehow, the Cert-C ME toolkit expects a NULL parameter to be there. This bug has been resolved in Cert-C ME 1.5.0.8.
Related Articles
ERROR: (10008) NOT_FOUND when generating ECC parameters Number of Views RSA SecurID SDK 2.5.0 for iOS Release Notes Number of Views RSA Authentication Agent API 8.6 for C Release Notes Number of Views RSA Authentication Agent SDK 8.6 for C Release Notes Number of Views RSA Announces the Availability of RSA Authentication Agent SDK 8.6 for C and Java Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
