rhcs81 caManualRenewal with original profile modified for empty params.name creates root CA subject DN #1389
Labels
Milestone
Comments
|
Comment from mharmsen (@mharmsen) at 2014-09-18 03:03:54 Proposed Milestone: 10.2.3 (per CS Meeting of 09/17/2014) |
|
Comment from mharmsen (@mharmsen) at 2015-01-15 01:07:59 Per Dogtag 10.2.X meeting of 01/14/2015: Milestone 10.2.2 |
|
Comment from cfu (@cfu) at 2015-02-12 22:19:10 pushed to master |
|
Comment from nkinder (@nkinder) at 2017-02-27 14:09:04 Metadata Update from @nkinder:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This issue was migrated from Pagure Issue #822. Originally filed by nkinder (@nkinder) on 2014-01-13 19:48:13:
rhcs81 caManualRenewal with original profile modified for empty params.name
creates root CA subject DN
Version-Release number of selected component (if applicable):
Red Hat Enterprise Linux Server release 5.9 (Tikanga)
redhat-ds-base-8.2.11-5.el5dsrv
pki-ca-8.1.5-1.el5pki
How reproducible:
always
Steps to Reproduce:
1.have user directory
2.have CA
3.duplicate profile caDirUserCert
4. modify subjectNameConstraintImpl to add a params:
policyset.set1.1.constraint.class_id=subjectNameConstraintImpl
policyset.set1.1.constraint.name=Subject Name Constraint
policyset.set1.1.constraint.params.pattern=.*
policyset.set1.1.default.class_id=subjectNameDefaultImpl
policyset.set1.1.default.name=Subject Name Default
policyset.set1.1.default.params.name=$request.auth_token.tokenCertSubject$
policyset.set1.1.default.params.name=
start CA
http://ca1.example.com:9180/ca/ee/ca/profileSelect?profileId=caManualRenewal
Actual results:
a certificate is issued
but the subject DN is unexpected, it is the root CA (!)
The text was updated successfully, but these errors were encountered: