Bizarre error message with Novell Certificate Server

It must be the week for stupid error messages.  I just tried to create a private SSL certificate for one of our server VMs from our Novell eDirectory iManager server.  The CSR was created by OpenSSL on the command line on the Ubuntu server, and i copied it to my laptop with the filename “req”.  When i tried to issue the certificate through iManager > Novell Certificate Server > Issue Certificate, it gave me the singularly unenlightening error:

Exception occurred processing WizardPage_CreateCert_Key.jsp

Google searches for this exact string resulted in zero hits.  The error log on the iManager server (/var/opt/novell/tomcat5/logs/catalina.out) showed a similar error:

WizardPage_005fCre.1594 java.lang.StringIndexOutOfBoundsException

After playing around with a few different certificate parameters and trying again, i decided to try something stupid: i added the filename extension “.csr”.  Unbelievably, this worked, and i was able to create and download the certificate without problems.  It seems that the iManager code makes some assumptions about the content based on the filename.

I’m glad i solved my problem, but i do have to wonder whether there are any vulnerabilities (at least of the denial-of-service persuasion) which might be possible due to these sort of assumptions.


Source: libertysys.com.au

Leave a Reply