Martin Choma commented on ELY-1587:
-----------------------------------
I have attached a reproducing certificate.
X500 principal [CN=client] was not decoded - no values of attribute [2.5.4.3]
-----------------------------------------------------------------------------
Key: ELY-1587
URL: https://issues.jboss.org/browse/ELY-1587
Project: WildFly Elytron
Issue Type: Bug
Components: Certificate Authority, X.500
Affects Versions: 1.3.2.Final
Reporter: Martin Choma
Assignee: Jan Kalina
Priority: Critical
Fix For: 1.4.0.CR1
Attachments: client.asn1, client.cer
Debugging revealed that the certificate uses the {{utf8String}} representation, whereas Elytron is expecting {{printableString}}.
In RFC 5280 [1], chapter 4.1.2.4 (Issuer), it is specified that the value of subject/issuer can be one of 5 types:
{code}
DirectoryString ::= CHOICE {
      teletexString       TeletexString   (SIZE (1..MAX)),
      printableString     PrintableString (SIZE (1..MAX)),
      universalString     UniversalString (SIZE (1..MAX)),
      utf8String          UTF8String      (SIZE (1..MAX)),
      bmpString           BMPString       (SIZE (1..MAX)) }
{code}
However, the Elytron X500 principal decoder [2] can handle only 2 of them: PRINTABLE_STRING_TYPE and IA5_STRING_TYPE (not sure which type of the RFC that matches).
{{utf8String}} is definitely missing (my case). Also revise {{teletexString}}, {{bmpString}} and {{universalString}} for backward compatibility.
[1] https://www.ietf.org/rfc/rfc5280.txt
[2] https://github.com/wildfly-security/wildfly-elytron/blob/32ff7c17965b3eca...
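
The failure mode reported above, shown as an added example that is not part of the original issue and is not Elytron's code (it is Python rather than the project's Java): a DER decoder for a single AttributeTypeAndValue that maps every DirectoryString tag plus IA5String to a charset and rejects anything else instead of silently returning no value. The `make_atv` helper and the sample inputs are constructed for illustration, and treating TeletexString as Latin-1 is an assumption.

```python
# DER universal tags for the string types a DN attribute value may carry:
# the five RFC 5280 DirectoryString choices plus IA5String.
STRING_CODECS = {
    0x0C: "utf-8",      # UTF8String
    0x13: "ascii",      # PrintableString
    0x14: "latin-1",    # TeletexString (T.61); Latin-1 is an assumed approximation
    0x16: "ascii",      # IA5String
    0x1C: "utf-32-be",  # UniversalString
    0x1E: "utf-16-be",  # BMPString
}
OID_CN = bytes([0x55, 0x04, 0x03])  # DER content bytes of OID 2.5.4.3


def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for one DER TLV with a single-byte tag."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length


def decode_attribute(atv):
    """Decode AttributeTypeAndValue ::= SEQUENCE { type OID, value ANY }."""
    tag, body, _ = read_tlv(atv)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, oid, pos = read_tlv(body)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    tag, raw, _ = read_tlv(body, pos)
    codec = STRING_CODECS.get(tag)
    if codec is None:  # fail loudly rather than yield an empty principal
        raise ValueError(f"unsupported string tag 0x{tag:02x}")
    return oid, raw.decode(codec)  # strict decoding: malformed bytes raise


def make_atv(tag, text_bytes):
    """Hypothetical helper: build a constructed CN sample (short lengths only)."""
    value = bytes([tag, len(text_bytes)]) + text_bytes
    inner = bytes([0x06, len(OID_CN)]) + OID_CN + value
    return bytes([0x30, len(inner)]) + inner
```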