Bug 1560682
| Summary: | (RFE) Migrate RHCS x509 cert and crl functionality to JSS | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Jack Magne <jmagne> |
| Component: | jss | Assignee: | Jack Magne <jmagne> |
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
| Severity: | high | Docs Contact: | Marc Muehlfeld <mmuehlfe> |
| Priority: | high | ||
| Version: | 7.6 | CC: | aakkiang, mharmsen, mkosek, rpattath |
| Target Milestone: | rc | Keywords: | FutureFeature, TestCaseProvided |
| Target Release: | 7.6 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | jss-4.4.4-2.el7 | Doc Type: | Enhancement |
| Doc Text: |
A low-level API to create X.509 certificates and CRLs has been added to JSS
This enhancements adds a low-level API, which can be used to create X.509 certificate and certificate revocation lists (CRL) to the Java Security Services (JSS).
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-10-30 11:00:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1550132 | ||
|
Description
Jack Magne
2018-03-26 18:15:23 UTC
Checkin: Address Bugzilla: Bug 1560682 - (RFE) Migrate RHCS x509 cert and crl … …functionality to JSS. This consists of a migration of low level X509 cert and crl related classes from dogtag into JSS. This initial migration will allow users of jss to utilize these classes to create certs and crls. The initial goal is to simply provide the classes from dogtag to be used in JSS. A later goal will be to refactor dogtag to use the classes moved to JSS, but that will be for a future ticket. This migration will also address this issue: Bug 1577991 - org.mozilla.jss.netscape.security.util.ObjectIdentifier cannot parse OID arcs larger than Integer.MAX_VALUE. The file ObjectIdentifier.java has been modified to use BigInt instead of the int type, allowing for a greater range of values. Fixed minor classpath issue. JSS_4_4_BRANCH (#10) @jmagne jmagne committed 5 days ago 1 parent f6df4da commit 06eacad918e745d632067deea398f14ce9da29ac Testing: For our purposes our testing for this issue should be to execute extensive sanity, simply to make sure that we have not caused any regressions with this feature. The reason for this is that this feature consists of mostly migrated / added code taken from dogtag. The rest of the changes are minor build related changes. Nevertheless, we need to make sure we have not done anything to harm the current JSS. commit 06eacad918e745d632067deea398f14ce9da29ac (HEAD -> JSS_4_4_BRANCH, origin/JSS_4_4_BRANCH) Author: Jack Magne <jmagne> Date: Fri Jun 15 14:53:53 2018 -0700 [root@nocp1 ecc]# rpm -qi jss Name : jss Version : 4.4.4 Release : 3.el7 Architecture: x86_64 Install Date: Thu 26 Jul 2018 10:38:39 AM EDT Group : Unspecified Size : 1456493 License : MPLv1.1 or GPLv2+ or LGPLv2+ Signature : RSA/SHA256, Mon 16 Jul 2018 04:07:45 PM EDT, Key ID 199e2f91fd431d51 Source RPM : jss-4.4.4-3.el7.src.rpm Build Date : Mon 16 Jul 2018 03:48:21 PM EDT Build Host : x86-038.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : http://www.dogtagpki.org/wiki/JSS Summary : Java Security Services (JSS) Sanity tests look good Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3188 |