nimbus-new-user doesn't support addresses with the '+' character #76

buzztroll opened this Issue Nov 16, 2011 · 4 comments


None yet

2 participants


The nimbus-new-user does accept email addresses with the '+' character in the
leading portion of the username, which are perfectly legitimate email
addresses. For instance

When attempt to run nimbus-new-user with such an address, the following error
is triggered:

./nimbus-new-user --dest /tmp --batch --web --group=3
Traceback (most recent call last):
File "/opt/nimbus/libexec/", line 420, in
rc = main()
File "/opt/nimbus/libexec/", line 407, in main
create_user(o, db)
File "/opt/nimbus/libexec/", line 340, in create_user
raise ex1
nimbusweb.setup.setuperrors.UnexpectedError: Problem creating certificate.
[<<< stderr: 'Problem creating certificate: String index out of range: -1


This is not actually a problem with the email address, it is a problem with the common name for the cert DN. You can work around this by using the -c option and using a name without a + in it.


The bouncy castle class X509Principal will not accept a DN with a + in it, thus Nimbus cannot support this.

@buzztroll buzztroll closed this Nov 17, 2011

Very well, if such an email address is attempted, can the error message indicate something along those lines then?


That seems reasonable. I will open this back up.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment