I get the error "Object Class Violation : (65)" when publishing certificates in LDAP

You LDAP object class may require some fields in the DN that you have not entered. Some schemas require the DN-attribute SN for instance.

Why do I get the exception/error: Got request with status GENERATED (40), NEW, FAILED or INPROCESS required: foo; nested exception is: javax.ejb.EJBException:null

When using the AuthenticationSession (default) all users have a STATUS. The status lifecycle begins with NEW and ends with REVOKED. Only when the status is NEW, FAILED or INPROCESS is it possible to issue a certificate to a user. After a certificate has been issued, the status is set to GENERATED. This works like a one-time-password scheme. To issue a new certificate to the user his/her status must be reset to NEW, FAILED or INPROCESS. This can be done with the CA UI or: bin/ ra setendentitystatus username status Status '10' is NEW. Just enter 'bin/ ra setendentitystatus' to see a list of all status codes.