Red Hat Bugzilla – Bug 446773
CS.cfg limited to 10m for cert issuance
Last modified: 2015-01-04 18:32:23 EST
During a recent high volume test, we noticed that the default
CS.cfg is hardcoded to have a range of 10 million certs for the CA.
We need to increase this limit.
Also, I seem to recall that in the CS.cfg had "0x10000000" and the UI said
"1,000,000" (decimal). It can't be both. Need to verify my memory.
CS.cfg has a limit of 0x10000000 (hex) in terms of the number of certs issued.
It also however, has a limit of 10000000 (decimal) for requests. Good thing we're consistent!
If the new serial number management code is enabled, however, the range of certs and requests available will automatically increase as new ranges are added, when the number of available numbers falls below a low water mark.
So, presumably we can close this bug - either as NOTABUG or as a duplicate of the serial number management bug.
Chandra, how do you want to proceed?
Ok - marking as modified so QE can check.
Note: serial number management is not enabled by default. It can be amanually enabled. It is enabled by default when cloning occurs.
Reading again, I do realize that this is a dup of 472006
*** This bug has been marked as a duplicate of bug 472006 ***