Bug 499842
Summary: | Revoking an unknown serial numbers does not return useful error | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Rob Crittenden <rcritten> | ||||
Component: | CA | Assignee: | Andrew Wnuk <awnuk> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 1.1 | CC: | awnuk, benl, dpal, jgalipea, mharmsen | ||||
Target Milestone: | --- | Keywords: | Reopened | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-06-04 20:32:57 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 431020, 431022, 445047 | ||||||
Attachments: |
|
Description
Rob Crittenden
2009-05-08 14:32:42 UTC
Created attachment 369801 [details]
proposed fix
attachment (id=369801) +mharmsen svn commit pki/base/common/src/LogMessages_en.properties Sending pki/base/common/src/LogMessages_en.properties Transmitting file data . Committed revision 823. svn commit pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java Sending pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java Transmitting file data . Committed revision 824. In case were no certificate was found to be revoked, error message: "Error encountered while marking certificate revoked." was replaced with "Attempt to revoke non-existent certificate(s).". Verified. CS8.1 nightly(4-Dec-2010) ; x86_64 RHEL5.6 nightly ; x86_64 Procedure: (1)Disable random nonces securing access by setting `ca.enableNonces=false` in CS.cfg (2)Try to revoke a non-existent cert (99) by invoking the doRevoke servlet url as below ################################## [root@iceberg ~]# grep -i enableNnonce /var/lib/pki-ca1/conf/CS.cfg ca.enableNonces=false [root@iceberg ~]# ################################# https://iceberg.pnq.redhat.com:35333/ca/agent/ca/doRevoke?op=doRevoke&revocationReason=0&revokeAll=%28certRecordId=99%29&op=revoke ################################# Result: (as expected) Attempt to revoke non-existent certificate(s) |