Bug 500489

Summary: CA installation wizard doesn't prompt to download/install CA chain on Firefox 3
Product: [Retired] Dogtag Certificate System Reporter: Chandrasekar Kannan <ckannan>
Component: CAAssignee: Matthew Harmsen <mharmsen>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedCC: awnuk, benl, jmagne, mharmsen
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-07-22 23:35:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 443788    
Attachments:
Description Flags
Use HTTP to download CA Chain
none
Use HTTP to download CA Chain (dogtag) none

Description Chandrasekar Kannan 2009-05-12 22:02:01 UTC 
Description of problem:

- On a rhel 5.3 x86_64 with nethsm 2000 attached, I'm not 
  able to see the pop-up screen that one would see to trust
  the CA chain during CA configuration ( happens after keygen ).

Version-Release number of selected component (if applicable):

8.0

How reproducible:

- always

Steps to Reproduce:
1. see description :)
2.
3.
  
Actual results:
unable to see the dialog to import the ca chain

Expected results:
see the dialog and import the ca chain

Additional info:
using firefox 3.xx.xx as my browser
Comment 1 Matthew Harmsen 2009-05-13 00:15:41 UTC 
Per discussions, I will change the path to the pop-up from https://$hostname:$https_ee_port/ca/ee/ca/getCAChain to http://$hostname:$http_ee_port/ca/ee/ca/getCAChain.
Comment 2 Matthew Harmsen 2009-05-13 01:30:19 UTC 
Created attachment 343675 [details]
Use HTTP to download CA Chain
Comment 3 Matthew Harmsen 2009-05-13 01:30:54 UTC 
Created attachment 343676 [details]
Use HTTP to download CA Chain (dogtag)
Comment 5 Jack Magne 2009-05-13 01:34:41 UTC 
Attachments (id=343675) (id=343676) +jmagne
Comment 7 Matthew Harmsen 2009-05-13 01:38:27 UTC 
cd pki/base

% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java

% svn commit
Sending        base/common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java
Transmitting file data .
Committed revision 445.


cd pki/dogtag

% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      ca/pki-ca.spec
M      ca-ui/dogtag-pki-ca-ui.spec
M      common-ui/shared/admin/console/config/importcachainpanel.vm

% svn commit
Sending        dogtag/ca/pki-ca.spec
Sending        dogtag/ca-ui/dogtag-pki-ca-ui.spec
Sending        dogtag/common-ui/shared/admin/console/config/importcachainpanel.vm
Transmitting file data ...
Committed revision 446.
Comment 9 Chandrasekar Kannan 2009-06-05 13:46:05 UTC 
Verified with build 06/04/2009.

- installed/configured all subsystems ca,tks,tps,ra,ocsp,kra on nethsm2k
  with browser firefox 3 (latest on rhel 5.3 x86_64).
- all agent certs are imported onto the browser.  
- this of course can happen only after the proper ca chain is imported.