Security warnings "No Subject DN Certificate Constraints were defined. This could be a security issue" #570

MrSulu66 · 2022-01-25T12:48:22Z

MrSulu66
Jan 25, 2022
Maintainer

When sending documents to other access points, we can see the following security warning in our logs
No Subject DN Certificate Constraints were defined. This could be a security issue
Logged by org.apache.wss4j.common.crypto.CryptoBase

My guess that this is because we allow to send documents to any of the access points (trusted by the Peppol Authority root CA), and we don't whitelist only specific access points.
Does that make sense, or is this indicating an other issue?

Note that we are using Oxalis & Oxalis-AS4 5.0.1.

Thanks in advance,

MrSulu66 · 2022-05-05T09:12:57Z

MrSulu66
May 5, 2022
Maintainer Author

Hello,

Could you help us to verify this issue?

Thanks,

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security warnings "No Subject DN Certificate Constraints were defined. This could be a security issue" #570

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Security warnings "No Subject DN Certificate Constraints were defined. This could be a security issue" #570

MrSulu66 Jan 25, 2022 Maintainer

Replies: 1 comment

MrSulu66 May 5, 2022 Maintainer Author

MrSulu66
Jan 25, 2022
Maintainer

MrSulu66
May 5, 2022
Maintainer Author