Red Hat Certificate System renewal request rejected: Subject Name Not Unique

Solution In Progress - Updated -

Issue

I'm unable to renew an SSL certificate through the CA interface

Renew certificate to be manually approved by agents

I get an exception that an existing cert for this request already exist:

Sorry, your request has been rejected. The reason is "Request Rejected - Subject Name Not Unique CN=server2.example.com,O=EXAMPLE.COM"

I've added constraints in the "caServerCert.cfg" enrollment profile to not allow duplicate SSL certificate.
This is for requesting an SSL cert not renewal:

policyset.serverCertSet.UniqSubjName.constraint.class_id=uniqueSubjectNameConstraintImpl
policyset.serverCertSet.UniqSubjName.constraint.name=Unique Subject Name Constraint
policyset.serverCertSet.UniqSubjName.constraint.params.enableKeyUsageExtensionChecking=true
policyset.serverCertSet.UniqSubjName.default.class_id=subjectNameDefaultImpl
policyset.serverCertSet.UniqSubjName.default.name=Subject Name Default
policyset.serverCertSet.UniqSubjName.default.params.name=

Environment

~~~
Red Hat Enterprise Linux Server release 5.11 (Tikanga)
pki-ca-8.1.6-1.el5pki
pki-common-8.1.12-1.el5pki
pki-native-tools-8.1.0-7.el5pki
pki-util-8.1.1-1.el5pki
~~

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content