public class CertificateRequest {
- public static final String DEFAULT_CN = "CAcert WoT User";
+ public static final String DEFAULT_CN = "SomeCA User";
public static final ObjectIdentifier OID_KEY_USAGE_SSL_SERVER = ObjectIdentifier.newInternal(new int[] {
1, 3, 6, 1, 5, 5, 7, 3, 1
try {
DomainAssessment.checkCertifiableDomain(san.getName(), user.isInGroup(Group.CODESIGNING), false);
valid = true;
+ if ( !valid || !CAA.verifyDomainAccess(owner, p, san.getName()) || (pDNS != null && !domainTemp.isMultiple())) {
+ // remove
+ } else {
+ if (pDNS == null) {
+ pDNS = san.getName();
+ }
+ filteredSANs.add(san);
+ continue;
+ }
} catch (GigiApiException e) {
+ error.mergeInto(e);
valid = false;
}
- if ( !valid || !CAA.verifyDomainAccess(owner, p, san.getName()) || (pDNS != null && !domainTemp.isMultiple())) {
- // remove
- } else {
- if (pDNS == null) {
- pDNS = san.getName();
- }
- filteredSANs.add(san);
- continue;
- }
}
} else if (san.getType() == SANType.EMAIL) {
if (emailTemp != null && owner.isValidEmail(san.getName())) {
}
}
error.mergeInto(new GigiApiException(SprintfCommand.createSimple(//
- "The requested Subject alternate name \"{0}\" has been removed.", san.getType().toString().toLowerCase() + ":" + san.getName())));
+ "The requested subject alternate name (SAN) \"{0}\" has been removed.", san.getType().toString().toLowerCase() + ":" + san.getName())));
}
SANs = filteredSANs;
}
if (ctx.getTarget() instanceof Organisation) {
Organisation org = (Organisation) ctx.getTarget();
subject.put("O", org.getName());
- subject.put("C", org.getState());
+ subject.put("C", org.getCountry().getCode());
subject.put("ST", org.getProvince());
subject.put("L", org.getCity());
if (ou != null) {
if (nullIsOK) {
name = "";
} else if (realIsOK) {
- name = u.getName().toString();
+ name = u.getPreferredName().toString();
}
}
} else if (name == null || name.equals("")) {
if (defaultIsOK) {
name = DEFAULT_CN;
} else if (realIsOK) {
- name = u.getName().toString();
+ name = u.getPreferredName().toString();
}
}
} else {
verifiedCN = name;
} else {
if (nameTemp.isRequired()) {
- error.mergeInto(new GigiApiException("The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been assured in your account, because a name is required for this certificate type."));
+ error.mergeInto(new GigiApiException("The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been verified in your account, because a name is required for this certificate type."));
} else if (name.equals(DEFAULT_CN)) {
verifiedCN = DEFAULT_CN;
} else {
name = DEFAULT_CN;
- error.mergeInto(new GigiApiException("The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been assured in your account or keep the default name."));
+ error.mergeInto(new GigiApiException("The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been verified in your account or keep the default name."));
}
}
} else {