cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Creating custom OID to certificates

Go to solution
Former Member

on ‎09-20-2013 11:51 AM

0 Kudos

Hello folks,

I was wondering if anybody out there has tried adding custom OID subject properties to a new certificate in NWA's Certicates and Keys?

I found my custom OID on http://oid-info.com/cgi-bin/display?oid=1.3.6.1.2.1.6.13.1.5&action=display

so I assumed that it would be a valid entry.

But when I put a value in the new property, and clich 'Finish' no certificate is created, and I get error:

"ERROR: java.lang.IllegalArgumentException: Type and value must be non null for creating an AVA!"

Does this functionality even work?

I hope somebody will take pity on me

Regards,

Emil

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member189102
Explorer
‎11-20-2013 1:38 PM
0 Kudos

Hi Emil,

Did you solve this issue by any chance?

I'm trying to add a SAN (subject alternative name) to include some domains in the certificate.

Since it's not one of the predefined ones I added it with the code 2.5.29.17 but I get the same error message as you.

Hoping someone takes pity on both of us 😉

Cheers,

Benjamin

Show replies
Show replies
Former Member
‎11-21-2013 9:06 AM
0 Kudos

Hi Benjamin,

Unfortunately, I don't have any news. I also created an OSS message in the SAP support portal two months ago, but that message was forwarded to their development department, and there has been silence since. I just reminded them about it. I have not been very active with this issue, cause it turned out that our internal CA didn't allow OID's that wasn't in their template. But I still think it would be a useful feature, that I could see myself need in other situations.

I still suspect that adding custom OID's, other than the predefined ones that are already available in the drop down, does not work.

I will update this thread when/if SAP respond.

Have a good one,

Emil

former_member189102
Explorer
‎12-05-2013 7:49 AM
0 Kudos

Hi Emil,

I also created an OSS message and got this reply:

04.12.2013 - 18:07:34 WDFT -  by SAP

Hi Benjamin,

There is only one other instance of this exact issue and it is
currently with development support. This may be a bug.

Therefore I am passing the message to development support for
further analysis.

So I guess that one other instance is you 🙂

There may be a solution down the road since it's with development support.

I'll let you know if they come up with a solution.

Cheers,

Benjamin

Former Member
‎12-09-2013 1:41 PM
0 Kudos

Hi Ben,

Looks like you stirred the pot - I finally got a reply on my oss.

From SAP:

"I've created and submitted a fix for this issue. I expect that patch

for your release/SP (740/SP3) will be released by the end of this week

or in the beginning of the next one. The note number is 1952798 and it

will be visible for you in less than 2 days."

Sounds promising. I will definitely check it out. And I will, of course, let you know how that works out.

To be continued.

/ Emil

DoE_DW
Explorer
‎01-07-2014 6:43 AM
0 Kudos

Hello Emil,

I have a NetWeaver 7.4 SPS5 installation.

I tried to add OID 2.5.29.17 also but got the error mentioned in this thread. This OID has become mandatory for many CA's. Very strange that it is not included in the Default.

Did your issue get resolved?

Regards,

David Weeda

former_member189102
Explorer
‎01-07-2014 8:01 AM
0 Kudos

Hi David,

To update you, I've gotten this reply to my specific note about OID 2.5.29.17 from SAP:

"Dear customer,

SAN is a certificate extension and not a subject proprety.

Hence you can't put it within subject.

In case you need a certificate for more the one domain you can try to

put multiple CN within subject name or discuss with your CA how

it can add SAN extension."

I haven't yet tried the multiple domains in the CN field approach.

But it seems that SAP has no intent to make it possible to add SAN to the certificate.

Regards,

Benjamin

Former Member
‎08-11-2014 12:23 PM
0 Kudos

Just a follow-up.

SAP has delivered, and the functionality is working as expected. The name of any custom OID is not resolved in accordance with the OID tree, but I guess that makes sense, since the OID tree is/can be changing all the time.

Our system is now 7.4 SP7.

Regards, Emil

Answers (0)

Ask a Question