Bug 445400 - Enhancement request to provide page size used during CRL generation as configurable parameter.
Enhancement request to provide page size used during CRL generation as config...
Status: CLOSED ERRATA
Product: Dogtag Certificate System
Classification: Community
Component: CA (Show other bugs)
1.0
All Linux
low Severity low
: ---
: ---
Assigned To: Andrew Wnuk
Chandrasekar Kannan
:
Depends On:
Blocks: 443788
  Show dependency treegraph
 
Reported: 2008-05-06 14:19 EDT by Andrew Wnuk
Modified: 2015-01-04 18:32 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-22 19:28:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
CRL page size tunable parameter (2.20 KB, text/plain)
2008-05-06 14:33 EDT, Andrew Wnuk
no flags Details
spec diffs (1.96 KB, text/plain)
2008-05-06 15:09 EDT, Andrew Wnuk
no flags Details

  None (edit)
Description Andrew Wnuk 2008-05-06 14:19:58 EDT
Description of problem:
Enhancement request to provide page size used during CRL generation as
configuration parameter. 

Version-Release number of selected component (if applicable): 1.0


How reproducible: N/A


Steps to Reproduce: N/A

  
Actual results:


Expected results:
Above parameter will allow to tune CRL generation.


Additional info:
Comment 1 Andrew Wnuk 2008-05-06 14:33:01 EDT
Created attachment 304671 [details]
CRL page size tunable parameter
Comment 2 Matthew Harmsen 2008-05-06 14:53:53 EDT
+ mharmsen - attachment (id=304671)
- update the release number and changelog comment in the pki/linux/ca and
pki/linux/common specfiles.
Comment 3 Andrew Wnuk 2008-05-06 15:09:03 EDT
Created attachment 304677 [details]
spec diffs
Comment 4 Matthew Harmsen 2008-05-06 16:18:39 EDT
+ mharmsen attachment (id=304677)
- one suggestion; always place "bugzilla"/"Bugzilla" in front of the bug # so
that we know which bug system was being utilized
Comment 5 Andrew Wnuk 2008-05-06 18:33:22 EDT
pki/base/ca/src/com/netscape/ca[50] svn commit CRLIssuingPoint.java
Sending        CRLIssuingPoint.java
Transmitting file data .
Committed revision 30.

pki/base/common/src/com/netscape/certsrv/ca[54] svn commit
ICertificateAuthority.java
Sending        ICertificateAuthority.java
Transmitting file data .
Committed revision 31.

pki/linux/common[58] svn commit pki-common.spec
Sending        pki-common.spec
Transmitting file data .
Committed revision 32.

pki/linux/ca[60] svn commit pki-ca.spec    
Sending        pki-ca.spec
Transmitting file data .
Committed revision 33.
Comment 6 Jenny Galipeau 2009-06-12 06:08:42 EDT
Please add steps to verify this bug.  Thank you
Comment 7 Chandrasekar Kannan 2009-06-25 15:37:50 EDT
here's the steps, I think...

1 - generate a CRL that has like 10 revoked certs
2 - edit CS.cfg to have ca.crl.MasterCRL.pageSize=2
3 - restart ca
4 - goto the ca Agent Page -> Display CRL -> MasterCRL -> Entire CRL.

See if the UI allows you to page through the 10 entries 2 at a time.
Comment 8 Jenny Galipeau 2009-06-25 16:03:27 EDT
1. set ca.crl.MasterCRL.pageSize=2 and restarted ca
2. With 6 revoked certificates on CRL
3. Updated CRL
4. from ca Agent page displayed entire CRL
5. All 6 were listed, not open to page through 2 at a time.
Comment 9 Chandrasekar Kannan 2009-06-25 18:13:59 EDT
Sorry. Change of instructions.


1 - set CS.cfg to have ca.crl.pageSize=1
2 - restart ca
3 - generate a CRL that has like 10 revoked certs
4 - watch CA debug log ... you will see the following line
    "CRL Page Size:" make sure number matches your config setting.

This is enough to verify the bug.

But I would like to see how the VLV search is in turn constructed by looking at the slapd logs... and we should probably decipher that vlv search and ensure
this pageSize is actually fed in for the search
Comment 15 Jenny Galipeau 2009-07-06 12:54:12 EDT
Verified:

1. set page size to 2 and restarted ca
Debug log:

[06/Jul/2009:12:44:35][main]: CRL Page Size: 2

2. 
update CRL - clear cache enabled.

DS access log:
[root@qe-blade-11 installscripts]# tail -f /var/log/dirsrv/slapd-qe-blade-11/access
[06/Jul/2009:12:46:36 -0400] conn=137 op=11 SRCH base="ou=certificateRepository, ou=ca, dc=qe-blade-11.idm.lab.bos.redhat.com-pki-ca" scope=1 filter="(certStatus=REVOKED)" attrs="serialno revInfo objectClass"
[06/Jul/2009:12:46:36 -0400] conn=137 op=11 SORT serialno (0)
[06/Jul/2009:12:46:36 -0400] conn=137 op=11 VLV 0:2:A 0:0 (0)

vlv is 2.

Note You need to log in before you can comment on or make changes to this bug.