KB Article #180415
How to customized all fields of an end user certificate signed by an customized Business CA certificate
Problem
Customized Business CA certificate
The end user certificate signed by the customized Business CA is delivered to all CFTs managed by CG.
It still have DN fields related to AXWAY ?
OU=R&D
O=Axway
L=Puteaux
C=FR
Resolution
The subject DN comes from the business CSR sent by CFT when it first registers into CG.
This is used in Passport to generate the end user business Certificate:
The subject DN is filled from the iaik.pkcs.pkcs10.CertificateRequest created from
com.axway.nodes.cft.provider.connector.rest.model.CftRegistrationRequest.CSRInfo
that CFT sends to CG
The end user business certificate DN is managed by uconf:cg.certificate.business.csr_dn.
The related documenation can be found here: https://docs.axway.com/bundle/TransferCFT_34_UsersGuide_allOS_en_HTML5/page/Content/central_governance/cg_register_w_cg.htm#customize_the_ssl_certificate_distinguished_name_(dn)
For example:
uconfset id=cg.certificate.business.csr_dn, value="'O=IBM,OU=support,CN=%uconf:cft.full_hostname%,L=Madrid,C=FR'"