When listing user certificates on the public web page, if the subject DN provided is slightly malformed, a java.lang.StringIndexOutOfBoundsException will be thrown.
The issue seems to be related to parsing of incomplete subject DNs (trailing commas, incomplete fields - with no values etc).
1. Open page Public Web -> Retrieve -> List User's Certificates.
2. Set "Subject DN" to one of the following values:
3. Click on the "OK" button.
1. An error is reported. The message is "No certificates exist for 'SUBJECT_DN'".
1. Exception is thrown. See attached error page.
Some other similar expressions seem to work. For example, these seem to work ok:
Bump this issue up if you think it is a security problem.