How to process PKCS#10 Certificate Signing Request (CSR) from WebSphere
Originally Published: 2003-04-07
Article Number
Applies To
IBM WebSphere
IBM WebSphere
Keon Certificate Authority
Issue
How to process PKCS#10 Certificate Signing Request (CSR) from Microsoft Windows 2000 domain controller
Program Error
!PKCS10Parse(): [XrcDECODINGFAILURE] unable to complete decoding operation. XudaParsePKCS10Request():
[XrcDECODINGFAILURE: unable to complete decoding operation]
Cause
One specific known encoding error is that there is an extra Context Specific tag included in the encoded Certificate Signing Request (CSR). Another common fault with submissions from a Windows 2000 domain controller is a request with no email address specified. If the ASN.1 is decoded, you would see the following type of display:
SET {
SEQUENCE {
OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1)
IA5String
Error: Object has zero length.
}
}
Resolution
1. Save the Certificate Signing Request (CSR) with a .64 suffix
2. Strip the -----BEGIN NEW CERTIFICATE REQUEST----- header and footer so the file contains pure Base64
3. Open the file with WinZip and extract the file called "unknown.001"
4. Read the file 'unkown.001' with any of the well known ASN.1 decoders
One of the most commonly used and referenced tools is "dumpasn1" from Peter Gutmann, and may be found at http://www.cs.auckland.ac.nz/~pgut001/. Also, a Windows front end has recently been produced and can be downloaded from http://www.geminisecurity.com/guidumpasn.html.
Workaround
Related Articles
Workflow error: The work item count of XX exceeds the maximum limit of 10 in RSA RSA Via Lifecycle and Governance Number of Views Configure Device History Settings for a Risk-Based Authentication Policy Number of Views Announcing the March Release of SecurID Number of Views RSA Governance & Lifecycle Advanced Dashboards Library Release Notes - Revision 2.0 Number of Views How to generate a vettor certificate from a PKCS#10 (CSR) request Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU
Don't see what you're looking for?
