Bug 233129

Summary: AEP: failover info is not cached properly?
Product: Red Hat Certificate System Reporter: Chandrasekar Kannan <ckannan>
Component: Auto-EnrollmentAssignee: Brian Stevens <bstevens>
Status: CLOSED CURRENTRELEASE QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.3CC: benl, cfu, jmagne, mharmsen
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-29 00:08:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chandrasekar Kannan 2007-03-20 16:00:27 UTC 
AEP - proxy failover.

I have two CA's placed in the AEP configuration.

ca #1 : ivanova.dsqa.sjc2.redhat.com: 15443
ca #2 : switch.dsdev.sjc.redhat.com:15443

I shutdown CA#1. 

the 1st certificate request failed over to ca#2 as expected.
the 2nd certificate request also failed over to ca#2. 

Steve, per your design, this shouldn't be happening , right ?.

if ca#1 is down, this info is cached for 5 minutes and subsequent
certificate requests should go directly to ca#2 ?.
Comment 1 Steve Parkinson 2007-03-29 17:54:18 UTC 
Sorry, the default retry interval is 30 seconds. You can change this value in
the registry. I documented it in appendix 2 of the documentation.

http://directory.fedora.redhat.com/wiki/Auto_Enroll_Registry
Comment 2 Steve Parkinson 2007-04-02 16:30:25 UTC 
Is this a dupe of : bug 233044 ?
Comment 3 Chandrasekar Kannan 2007-04-21 17:44:13 UTC 
Verified with CS 7.3 build 04/20

used windows2003sp1 - child domain to do autoenrollment.
setup failover connections to the following CAs.
  1. CS 71 CA
  2. CS 72 CA

They are both subordinates of the same rootCA.

1. stopped CS71CA. AEP failed over to the 72CA.
2. stopped CS72CA. AEP failover over to the 71CA.

failover caching works ok.
Comment 4 Red Hat Bugzilla 2007-11-05 04:21:32 UTC 
User sparkins's account has been closed
Comment 5 Chandrasekar Kannan 2008-08-25 22:54:08 UTC 
Bug already CLOSED/VERIFIED. setting screened+ flag