RSA Registration Manager installation fails at the last step with no option to apply LDAP ACL rule changes
Originally Published: 2006-03-24
Article Number
Applies To
Keon Registration Authority 6.5.1
Issue
RSA Registration Manager Administration Server cannot be accessed if target CA is subordinate CA when Microsoft Windows 2000 hotfix Q329115 applied
RSA Registration Manager Enrollment Server cannot be accessed if target CA is subordinate CA when Microsoft Windows 2000 hotfix Q329115 applied
Cause
The Microsoft hotfix deals with identity spoofing in that someone with an end-entity certificate could then issue a certificate even though they are not really a CA. If the subordinate CA certificate includes the Basic Constraints and Key Usage extensions, then access is restored.
Resolution
To correct this issue, either create the subordinate CA certificate with the Basic Constraints and Key Usage extensions, or re-sign the subordinate CA, adding the two extensions at that time.
Related Articles
RSA Via Lifecycle and Governance 6.9.1 P06 User Access Review includes indirect entitlements of users Number of Views RSA Identity Governance & Lifecycle Attribute Change Rule for Managed Attributes with argument "Set to old value of" does … Number of Views Howto: Change the Master Encryption Key Storage Directory in RSA Identity Governance and Lifecycle (IGL) Number of Views Schedule a Cleanup Job Number of Views How to perform bulk action on review items greater than 10k in RSA Via Lifecycle and Governance 6.9.1 Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
