New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authority entry without entryUSN is skipped even if USN plugin enabled #2564
Comments
Comment from mharmsen (@mharmsen) at 2016-08-31 21:18:09 Per PKI Bug Council of 08/31/2016: 10.3.6 |
Comment from mharmsen (@mharmsen) at 2016-09-07 01:11:32 Checked into master: commit e457cb8
commit d1aa1ec
|
Comment from mharmsen (@mharmsen) at 2016-09-07 23:18:15 Cherry-picked into DOGTAG_10_3_BRANCH: From 3a97c5f Mon Sep 17 00:00:00 2001 When processing lightweight CAs, currently we perform the entryUSN Move the host authority check before the entryUSN check to avoid Fixes: https://fedorahosted.org/pki/ticket/2444 From 21e268a Mon Sep 17 00:00:00 2001 Currently we abort adding a lightweight CA if its entry does not Update the authority monitor to check if the USN plugin is enabled Part of: https://fedorahosted.org/pki/ticket/2444 (cherry picked from commit d1aa1ec) |
Comment from ftweedal (@frasertweedale) at 2017-02-27 14:11:28 Metadata Update from @frasertweedale:
|
This issue was migrated from Pagure Issue #2444. Originally filed by ftweedal (@frasertweedale) on 2016-08-24 06:50:56:
Currently we abort adding a lightweight CA if its entry does not
have an 'entryUSN' attribute, and log a failure, even if the USN
plugin is enabled. But if the plugin is enabled, it's fine to
proceed.
Update the authority monitor to check if the USN plugin is enabled
and only log the failure if it is not. Clarify the log message
accordingly.
This scenario also results in an additional authority entry for the
host CA being added, because the skip due to entryUSN processing
makes it seem that there is no entry for the host authority.
The text was updated successfully, but these errors were encountered: