Trusted certificate with name constraints extension results in failed processing

Question

Trusted certificate with name constraints extension results in failed processing

sfieten opened this issue 6 years ago · 1 comments

When a [CA] certificate that includes the name constraint extension is loaded in trustedcerts.jks the processing of signed messages fails due to a java.lang.IllegalArgumentException: Invalid encoding for NameConstraintsExtension. and an ebMS Other error is returned to the Sender.

Answer 1 · 2019-04-02T15:40:33.000Z

Processing may also fail if a certificate in the chain uses the Policy Constraints extension.