I'm trying to get CSNDPIC call working to create a CSR. I'm getting return code 8 reason codes 821 and 897.
These is my rule array...
PK10SNRQ
SELFSIGN
SDNCLEAR
PEM-FMT
U-DIGSIG
RSA
SHA-256
I've tried these various trivial SDN values that get me the reason code values above...
CN=A,O=A,OU=A
CN=AAA,O=BBB,OU=CCCC
I've tried variations on these themes. I've used lower case values for the cn, o & ou prefixes. These did not help. I'm thinking the SDN data is case insensitive.
Can anyone help me see something that I cannot?
Your help would be appreciated.
------------------------------
Mark Vollmer
Developer, but does everything.
CV Systems, LLC
------------------------------
01-19-2024 Follow up.....
Wow, I find this very interesting. I had an older query here about creating a CSR. I was eventually successful in creating one. But in my message I had given the SDN I was using in the test. I've substituted that value for my trivial one.
C=US,O=MYORG,OU=MYORGDEPARTMENT,CN=MYPUBCERT
It worked fine. Now I'm curious to know why this one worked and the other more trivial one did not.
Anyone see something I've missed?
Is "C" (country) a required part of the SDN?
Sincerely,
Mark
Further testing shows that the system will return the 8/821 error if I remove the country value from the SDN.
Consider this answered.
Thanks for taking the time.