Description of problem: ca.p7c bin file is prompted while importing CA Agent certificate in browser. (see screen shot attached) firefox throws warning about the agent cert installed - "certificate cannot be trusted, or cannot be verified or expired.." Environment: CS8.0 + Errata-1 bits How reproducible: every time. Steps to Reproduce: 1. Install/configure CA subsystem Actual results: At the certificate import panel, ca.p7c(pkcs#7) file is prompted - CA agent cert is not trusted. Expected results: - ca.p7c should not be prompted - CA agent certificate should be trusted by firefox cert store.
Created attachment 358075 [details] ca.p7c bin file download prompt
Created attachment 358179 [details] proposed fix
attachment (id=358179) +mharmsen
svn commit pki/dogtag/common/pki-common.spec Sending pki/dogtag/common/pki-common.spec Transmitting file data . Committed revision 764. svn commit pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java Sending pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java Transmitting file data . Committed revision 765. svn commit pki/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java Sending pki/base/common/src/com/netscape/cms/crl/CMSAuthInfoAccessExtension.java Transmitting file data . Committed revision 766.
Verified(on newest build from 27-08-09). ca.p7c is not prompted when the CA configuration is complete.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-1443.html