This issue was reported by Gossamer per Common Criteria evaluation.
We need roper default subjectDN for CMC request authenticated through SharedToken.
commit 2746c4f70d738266b72161d80c1a2ff6a9a45391 (HEAD -> master, origin/master, origin/HEAD, ticket-3037-SharedTokenSbjdn-A-master)
Author: Christina Fu <email@example.com>
Date: Tue Jun 19 15:21:54 2018 -0700
Ticket 3037 CMC SharedToken SubjectDN default
This patch adds proper subjectDN to CMC requests authenticated via ShardToken.
Specifically, the AuthTokenSubjectNameDefault profile default is added to
the default CMC profiles that authenticates via SharedToken.
Code were added to ensure that the proper subjectDN retrieved from the
mapped user entry is added to the AuthToken for such utilization.
QE Test Verification:
rpm -qa pki-ca
Verified the scenario's mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1593585#c7
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.