Return-Path: 
 <dev-return-13044-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: (qmail 2259 invoked from network); 18 Aug 2006 13:53:01 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 18 Aug 2006 13:53:01 -0000
Received: (qmail 42404 invoked by uid 500); 18 Aug 2006 13:53:00 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 42357 invoked by uid 500); 18 Aug 2006 13:53:00 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 42346 invoked by uid 99); 18 Aug 2006 13:53:00 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 18 Aug 2006 06:53:00 -0700
X-ASF-Spam-Status: No, hits=1.9 required=10.0
	tests=DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: domain of aok123@bellsouth.net designates
 205.152.59.68 as permitted sender)
Received: from [205.152.59.68] (HELO imf20aec.mail.bellsouth.net)
 (205.152.59.68)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 18 Aug 2006 06:52:59 -0700
Received: from ibm62aec.bellsouth.net ([65.80.200.112])
          by imf20aec.mail.bellsouth.net with ESMTP
          id
 <20060818135237.LFQP29683.imf20aec.mail.bellsouth.net@ibm62aec.bellsouth.net>
          for <dev@directory.apache.org>; Fri, 18 Aug 2006 09:52:37 -0400
Received: from [172.16.1.7] (really [65.80.200.112])
          by ibm62aec.bellsouth.net with ESMTP
          id <20060818135236.GIKW13496.ibm62aec.bellsouth.net@[172.16.1.7]>
          for <dev@directory.apache.org>; Fri, 18 Aug 2006 09:52:36 -0400
Message-ID: <44E5C69E.2030101@bellsouth.net>
Date: Fri, 18 Aug 2006 09:54:38 -0400
From: Alex Karasulu <aok123@bellsouth.net>
User-Agent: Thunderbird 1.5.0.5 (X11/20060728)
MIME-Version: 1.0
To: Apache Directory Developers List <dev@directory.apache.org>
Subject: Re: Storing and searching X.509 certificates
References: <23133b0c0608180454v7bdabb25h489171240de8db60@mail.gmail.com>
 <d45b08f00608180559h2310bf83uc859c881fec8e702@mail.gmail.com>
In-Reply-To: <d45b08f00608180559h2310bf83uc859c881fec8e702@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 8bit
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Hmmmm if you turn logging on to debug in your log4j.properties you'll 
get a stack trace returned to you from the server.  I could use this to 
see what is actually the problem.

Alex


Emmanuel Lecharny wrote:
> Well, I found a very interesting message on google group that could help 
> you :
> 
> http://groups.google.fr/group/comp.lang.java.programmer/browse_thread/thread/2cd78003c51f2560/e1b81def3fcb6396?lnk=st&q=Binary+LDAP+Encoding+from+JNDI&rnum=2&hl=fr#e1b81def3fcb6396 
> <http://groups.google.fr/group/comp.lang.java.programmer/browse_thread/thread/2cd78003c51f2560/e1b81def3fcb6396?lnk=st&q=Binary+LDAP+Encoding+from+JNDI&rnum=2&hl=fr#e1b81def3fcb6396>
> 
> Can you check if it helps, and if so, give us some feedback?
> 
> It seems to be a very common problem.
> 
> Emmanuel
> 
> On 8/18/06, *Nikola Goran �utura* <ngcutura@gmail.com 
> <mailto:ngcutura@gmail.com>> wrote:
> 
>     Hi,
> 
>     I am using ApacheDS 1.0-RC3, running as a Windows service with
>     default supplied configuration ( service.xml). Using JXplorer, I
>     added an X.509 certificate and I am able to view that certificate
>     using JXplorer again. However, when I want to search for the entries
>     containing this certificate, my searches fail.
> 
>     Here are the code snippets that fail:
> 
>             CertificateFactory cf = CertificateFactory.getInstance("X.509");
>             X509Certificate cert = (X509Certificate)
>     cf.generateCertificate(new FileInputStream(" test-cert.der"));
>             SearchControls constraints = new SearchControls();
>             constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
>             NamingEnumeration results =
>     ctx.search("ou=users,o=myorg,dc=example,dc=com",
>     "userCertificate;binary= {0}", new Object[] {cert}, constraints);
>             // results are empty but one entry is expected
> 
>     If I omit ';binary' in attribute name, I get exception:
> 
>             CertificateFactory cf = CertificateFactory.getInstance("X.509");
>             X509Certificate cert = (X509Certificate)
>     cf.generateCertificate(new FileInputStream("test-cert.der"));
>             SearchControls constraints = new SearchControls();
>             constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
>             NamingEnumeration results =
>     ctx.search("ou=users,o=myorg,dc=example,dc=com", "userCertificate=
>     {0}", new Object[] {cert}, constraints);
>             // the last line thows exception:
>     javax.naming.NamingException: [LDAP: error code 54 - failed on
>     search operation]; remaining name
>     'ou=users,o=ActiveMQ,dc=example,dc=com'
> 
> 
>     Please advise me of the proper way to resolve this problem.
> 
>     Regards,
>     NGC
> 
> 
> 
> 
> 
> -- 
> Cordialement,
> Emmanuel L�charny