@esindril commented on this pull request. > - if (SecEntity.moninfo) free(SecEntity.moninfo); - SecEntity.moninfo = X509_NAME_oneline(X509_get_subject_name(peer_cert), NULL, 0); - TRACEI(DEBUG, " Subject name is : '" << SecEntity.moninfo << "'"); - - mape = servGMap->dn2user(SecEntity.moninfo, bufname, sizeof(bufname), 0); - if ( !mape ) { - TRACEI(DEBUG, " Mapping name: " << SecEntity.moninfo << " --> " << bufname); - if (SecEntity.name) free(SecEntity.name); - SecEntity.name = strdup(bufname); - } - else { - TRACEI(ALL, " Mapping name: " << SecEntity.moninfo << " Failed. err: " << mape); - } - } - + if (!dn) { If we don't do this then simple certificates don't work. The EEC for a plain certificate is the issuer and what you want is the subject in this case. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/pull/1224#discussion_r444978205 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1