Bug 669804
Summary: | on active token re-enroll, TPS does not revoke and remove existing certs | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Ade Lee <alee> | ||||
Component: | TPS | Assignee: | Jack Magne <jmagne> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | 9.0 | CC: | aakkiang, alee, benl, cfu, jmagne | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-06-04 20:22:48 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 445047 | ||||||
Attachments: |
|
Description
Ade Lee
2011-01-14 20:36:56 UTC
Created attachment 475842 [details]
Patch to address this issue
Checkins: Branch: svn commit -m "Bugzilla Bug 669804 - on active token re-enroll, TPS does not revoke and remove existing certs." Sending tps/src/processor/RA_Enroll_Processor.cpp Sending tps/src/processor/RA_Processor.cpp Transmitting file data .. Committed revision 1804. Trunk: svn commit -m "Bugzilla Bug 669804 - on active token re-enroll, TPS does not revoke and remove existing certs." Sending tps/src/processor/RA_Enroll_Processor.cpp Sending tps/src/processor/RA_Processor.cpp Transmitting file data .. Committed revision 1803. Test: 1. Enroll a basic two cert smart card. 2. Make sure that the policy for re-enrollment is enabled. 3. Re-enroll the same token with the client. 4. Take a look at the token db interface and make sure that only the new two certs are listed in the UI and that the previous two certificates have been revoked. 5. Test the basic Format operation to make sure the certs are being revoked properly. Tested smart card Re-enrollment: - Enroll and loaded two certs - Enable re-enroll policy and re-enroll the token - the old certificates on the token has been removed - new certs loaded on the token - TPS UI shows only new certs - CA agent show old certificates as revoked. - Format operation on this token revokes the certificates. Marking the bug verified. |