Trusted certificate with name constraints extension results in failed processing
sfieten opened this issue · 1 comments
sfieten commented
When a [CA] certificate that includes the name constraint extension is loaded in trustedcerts.jks
the processing of signed messages fails due to a java.lang.IllegalArgumentException: Invalid encoding for NameConstraintsExtension.
and an ebMS Other error is returned to the Sender.
sfieten commented
Processing may also fail if a certificate in the chain uses the Policy Constraints extension.