Description of problem: Unable to download the cert file from Gateway/Phonebook with Mozilla and Firefox when click or double clicks to the link. Version-Release number of selected component (if applicable): 7.1 How reproducible: Setup CA on CS 7.1 with "publishing" and "default LDAP connection" are enabled then issued a cert to user. Access the Gateway/Phonebook to get the cert from User. Steps to Reproduce: 1.Go to the Gateway/Phonebook http://master:19830/clients/dsgw/bin/lang?context=dsgw 2.Click Advanced Search tab 3.Search a user (somebody) you want to download the cert file then click to the link to open it. 4.The "download certificate" link will be display on top of the left side. 5. Click or double clicks to the link to download the file. Actual results: Nothing was happend. User was unable to download the file (cert). Expected results: 1. A new window will pop up to let a user download the file. Additional info: It works with safari browser with one click on the link. Also it works with mozilla and firefox when right mouse click on the link then select "Save Link as".
This is a weird one and seems to be browser related. Steps to Reproduce: 1. Install Directory Server 2. Create backend dc=example,dc=com and import the Example.ldif 3. Get a cert for one of user entries and add it to the entry 1.Go to the Gateway/Phonebook e.g. http://master:19830/clients/dsgw/bin/lang?context=dsgw 2.Click Advanced Search tab 3.Search a user (somebody) you want to download the cert file then click to the link to open it. 4.The "download certificate" link will be display on top of the left side. 5. Click or double clicks to the link to download the file. So for mozilla or firefox single or double click doesn't pop up the window to allow you to download the user certificate and add it to your key ring. On Safari ( or IE - Ben reports ) a single click does pop up the window to allow you to download the user certificate and add it to your key ring. Now you can send email to that person using their public key. The odd thing that that a right click on mozilla or firefox invokes the window to download that users public key.
DS7.2 is not a valid milestone anymore. Anything thats set to DS7.2 should be set to DS8.0. Will make further changes per bug council on 07/24/2007, after this.
User ble's account has been closed
Created attachment 296266 [details] diffs
Created attachment 296278 [details] cvs commit log Reviewed by: nkinder (Thanks!) Fix Description: The code expects the attribute to be encoded like this - attrname&mimetype&index. However, the code was outputtting the & as literal "&" chars. We need to output them encoded as %26 instead. With this fix, if I click on the Download Certificate link, and the certificate is a real email certificate (i.e. not a CA cert or a server cert or some other type of cert), Firefox 2 will silently install it under Other People's certificates in the certificate window. An attempt to use any other type of cert will silently fail. NOTE: If you actually want to use this cert in an email program, you should right click on the link and select Save Link As... to save the cert in a local file, then import that into your email program. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no
Created attachment 310468 [details] cvs commit log Resolves: bug 171353 Bug Description: Unable to download a certificate from Gateway/Phonebook Reviewed by: trivial Fix Description: Have to support both "userCertificate;binary" and "userCertificate" Platforms tested: HP-UX Flag Day: no Doc impact: no
Intalled the binary cert via the console for user scarter; did the <advance search> for this user via webapps; click <download certificate>; viewing the downloaded certificat with this command: openssl x509 -inform DER -in dosearch.html -text (see results below); marking this bug VERIFIED. [root@dhcp-231 ~]# openssl x509 -in /tmp/dosearch.htm -text -inform DER Certificate: Data: Version: 3 (0x2) Serial Number: 10000 (0x2710) Signature Algorithm: md5WithRSAEncryption Issuer: O=redhat, CN=RedHat Subordinate CA Test Cert Validity Not Before: Jun 19 20:53:43 2008 GMT Not After : Dec 19 20:53:43 2009 GMT Subject: O=redhat, CN=RedHat Subordinate CA Test Cert Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:af:5b:b5:20:12:46:c9:9c:2d:8d:df:7b:11:c1: 61:fa:79:9d:9a:3b:8c:52:81:4b:20:60:b9:43:e4: 2c:66:cc:a8:3b:66:bc:8a:3a:1e:f8:fe:af:3d:45: 86:34:16:39:7a:73:39:1f:e3:5d:e0:83:f9:3a:1e: aa:0b:67:45:1c:4d:dd:fc:8c:1c:f4:4d:ea:4e:cc: 41:20:6e:2a:ce:0a:ef:76:04:37:59:e0:32:2f:64: f4:2c:ea:a9:ad:f7:e2:ef:43:ae:d8:9e:09:62:8d: 7c:d2:fe:4d:44:c4:d1:7e:35:51:50:65:bf:85:81: b4:1b:c1:2c:7e:31:1b:4f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE, pathlen:0 X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication, OCSP Signing X509v3 Key Usage: Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: md5WithRSAEncryption a3:96:30:0f:9d:d5:fa:61:22:94:c6:d6:f6:c3:41:ad:67:5a: bb:9b:bc:d5:22:76:cb:3f:78:a8:8e:e2:60:28:72:c7:9a:d2: 65:a0:5c:3c:62:a3:6e:f0:38:68:3e:db:88:14:2e:a6:df:32: cb:6e:4c:26:87:71:6b:3d:ab:5b:70:f8:d1:df:91:fa:d6:59: 76:0d:d8:46:58:ba:b1:c2:29:b9:48:05:ab:11:9a:70:be:64: 43:ca:c6:5b:0b:81:fe:40:de:d4:3e:56:b1:e6:f4:77:7d:67: cf:ef:49:ca:4b:d4:0f:30:27:e4:98:8a:d5:13:90:81:1f:f4: 8e:0d -----BEGIN CERTIFICATE----- MIICNjCCAZ+gAwIBAgICJxAwDQYJKoZIhvcNAQEEBQAwOzEPMA0GA1UEChMGcmVk aGF0MSgwJgYDVQQDEx9SZWRIYXQgU3Vib3JkaW5hdGUgQ0EgVGVzdCBDZXJ0MB4X DTA4MDYxOTIwNTM0M1oXDTA5MTIxOTIwNTM0M1owOzEPMA0GA1UEChMGcmVkaGF0 MSgwJgYDVQQDEx9SZWRIYXQgU3Vib3JkaW5hdGUgQ0EgVGVzdCBDZXJ0MIGfMA0G CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvW7UgEkbJnC2N33sRwWH6eZ2aO4xSgUsg YLlD5CxmzKg7ZryKOh74/q89RYY0Fjl6czkf413gg/k6HqoLZ0UcTd38jBz0TepO zEEgbirOCu92BDdZ4DIvZPQs6qmt9+LvQ67YnglijXzS/k1ExNF+NVFQZb+FgbQb wSx+MRtPvQIDAQABo0kwRzAPBgNVHRMECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsG AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwkwCwYDVR0PBAQDAgGGMA0GCSqGSIb3 DQEBBAUAA4GBAKOWMA+d1fphIpTG1vbDQa1nWrubvNUidss/eKiO4mAocsea0mWg XDxio27wOGg+24gULqbfMstuTCaHcWs9q1tw+NHfkfrWWXYN2EZYurHCKblIBasR mnC+ZEPKxlsLgf5A3tQ+VrHm9Hd9Z8/vScpL1A8wJ+SYitUTkIEf9I4N -----END CERTIFICATE----- [root@dhcp-231 ~]#