From b739688f5bb1673356f83d9c1ec82012f15863ae Mon Sep 17 00:00:00 2001
From: Jean-Baptiste WATENBERG <jean-baptiste.watenberg@scality.com>
Date: Wed, 2 Oct 2024 17:02:56 +0200
Subject: [PATCH] Add support for certificates without cn

---
 .../truststore/JpaCertificateTruststoreProvider.java         | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/scality/keycloak/truststore/JpaCertificateTruststoreProvider.java b/src/main/java/com/scality/keycloak/truststore/JpaCertificateTruststoreProvider.java
index ed3cdc0..1ceaba9 100644
--- a/src/main/java/com/scality/keycloak/truststore/JpaCertificateTruststoreProvider.java
+++ b/src/main/java/com/scality/keycloak/truststore/JpaCertificateTruststoreProvider.java
@@ -57,12 +57,13 @@ private CertificateRepresentation toCertificateRepresentation(TruststoreEntity e
         X509Certificate x509Certificate = toX509Certificate(entity.getCertificate());
         try {
             X500Name x500name = new JcaX509CertificateHolder(x509Certificate).getSubject();
-            RDN cn = x500name.getRDNs(BCStyle.CN)[0];
+            RDN[] rdns = x500name.getRDNs(BCStyle.CN);
+            RDN cn = rdns.length > 0 ? rdns[0] : null;
 
             CertificateRepresentation certificate = new CertificateRepresentation(
                     entity.getAlias(),
                     entity.getCertificate(),
-                    IETFUtils.valueToString(cn.getFirst().getValue()));
+                    cn != null ? IETFUtils.valueToString(cn.getFirst().getValue()) : "-");
 
             return certificate;