Red Hat Certificate System renewal request rejected: Subject Name Not Unique
Issue
I'm unable to renew an SSL certificate through the CA interface
Renew certificate to be manually approved by agents
I get an exception that an existing cert for this request already exist:
Sorry, your request has been rejected. The reason is "Request Rejected - Subject Name Not Unique CN=server2.example.com,O=EXAMPLE.COM"
I've added constraints in the "caServerCert.cfg" enrollment profile to not allow duplicate SSL certificate.
This is for requesting an SSL cert not renewal:
policyset.serverCertSet.UniqSubjName.constraint.class_id=uniqueSubjectNameConstraintImpl
policyset.serverCertSet.UniqSubjName.constraint.name=Unique Subject Name Constraint
policyset.serverCertSet.UniqSubjName.constraint.params.enableKeyUsageExtensionChecking=true
policyset.serverCertSet.UniqSubjName.default.class_id=subjectNameDefaultImpl
policyset.serverCertSet.UniqSubjName.default.name=Subject Name Default
policyset.serverCertSet.UniqSubjName.default.params.name=
Environment
~~~
Red Hat Enterprise Linux Server release 5.11 (Tikanga)
pki-ca-8.1.6-1.el5pki
pki-common-8.1.12-1.el5pki
pki-native-tools-8.1.0-7.el5pki
pki-util-8.1.1-1.el5pki
~~
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.