Bug 492963 - ESC responds to a problem in the cert request differently depending on which cert in the order has the problem
ESC responds to a problem in the cert request differently depending on which ...
Status: CLOSED CURRENTRELEASE
Product: Dogtag Certificate System
Classification: Community
Component: ESC (Show other bugs)
1.0
All Windows
high Severity low
: ---
: ---
Assigned To: Jack Magne
Chandrasekar Kannan
: TechPreview
Depends On:
Blocks: 445047
  Show dependency treegraph
 
Reported: 2009-03-30 18:26 EDT by Sean Veale
Modified: 2015-01-04 18:37 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Technology Preview
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-04 16:20:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sean Veale 2009-03-30 18:26:59 EDT
Description of problem:
In a tps config with 3 certs specified if the first or second cert profile has an error in it preventing the cert from being created the other 2 still written to the card and you have an enrollment succeed message  If the 3rd cert has the problem then none are written to the card and you get an enrollment failed message.

Minor bug, but it should work the same in either case. 
Version-Release number of selected component (if applicable):


How reproducible:

Always
Steps to Reproduce:
1.Create a cert profile that will have to actually be able to process the request. The easiest way to do so is have a policyset defined in the list but not defined in the body of the cert profile.  Set this to the first profile created in the tps config. What the other 2 certs get written to the card.
2.

3.  Repeat the process but move this erroneous cert profile to the third cert getting created. See the different behavior. 
  
Actual results:


Expected results:


Additional info:
Comment 2 Jack Magne 2010-08-27 21:43:48 EDT
Fix to bug: https://bugzilla.redhat.com/show_bug.cgi?id=579790, addresses this issue. Test text to follow.
Comment 3 Asha Akkiangady 2011-05-20 13:13:31 EDT
Tested with ESC-1.1.0-13 on a Win XP 64 bit host, enrollment performed with the CS 8.1 TPS with the latest build.

1. When all 3 profiles are good, enrollment operation loads all 3 certificates successfully on the token.

2. When the profile of the first certificate is messed up (by defining the policy set in the list and policy not defined in the profile body), during the enrollment ESC throws error message "Enrollment of the smart card failed. The Smart Card Server cannot import the required certificates into your smart card". None of the certificates loaded on the smart card.

3. Moved the erroneous cert profile to the second cert getting created, during the enrollment ESC throws error message and no certificates loaded on the smart card.

4. Moved the erroneous cert profile to the third cert getting created, during the enrollment ESC throws error and none of the certificates loaded on the smart card.


Marking the bug verified.

Note You need to log in before you can comment on or make changes to this bug.