Task #7502

Story #7499: Support non-DN Subject identifiers

Ensure all D1 libraries and utilities allow non-DN Subjects

Added by Ben Leinfelder over 8 years ago. Updated about 8 years ago.

Ben Leinfelder
Start date:
Due date:
% Done:


Estimated time:
0.00 h
Story Points:


There may be utility methods that assume Subjects are DNs and try to parse them/stnadardize them before evaluating access control rules and the like. We should make sure they utility methods continue to function as they do for DNs but also allow non_DNs to be passed through and evaluated


#1 Updated by Ben Leinfelder over 8 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 30

the libclient method now handles non-DN formats and simply returns the original Subject string if it cannot be parsed into a standard DN format. Other projects that call this have been simplified to remove exception handling of their own.

#2 Updated by Ben Leinfelder over 8 years ago

  • translation missing: en.field_remaining_hours set to 0.0
  • % Done changed from 30 to 100
  • Status changed from In Progress to Closed

checked in changes to libraries that used CertificateManager.standardizeDN() - no need for them to check for exceptions if the value is other than DN.

#3 Updated by Ben Leinfelder about 8 years ago

  • Estimated time set to 0.00

Rolled back the change to d1_libclient and made sure the calling libs handle the exception. Allows us to more easily release 2.0.1 with fewer components.

#4 Updated by Ben Leinfelder about 8 years ago

Updated node registry and identifier reservation services to handle non-DN subjects in Node type and ID reservation. Unit tests are passing and changes are in trunk and merged to 2.0.x branch

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)