You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ticket 2654 added new signing info audit events at startup time to record which keys will be used by each CA (i.e. host CA or LWCA) for cert and OCSP signing later. However, at the actual cert or OCSP signing itself, the current audit event does not indicate which LWCA actually does the signing so the key cannot be determined. To fix the problem, the cert and OCSP signing events for LWCA should be modified to include the LWCA ID (i.e. authority ID).
This issue was migrated from Pagure Issue #2839. Originally filed by edewata (@edewata) on 2017-10-23 17:18:45:
Ticket 2654 added new signing info audit events at startup time to record which keys will be used by each CA (i.e. host CA or LWCA) for cert and OCSP signing later. However, at the actual cert or OCSP signing itself, the current audit event does not indicate which LWCA actually does the signing so the key cannot be determined. To fix the problem, the cert and OCSP signing events for LWCA should be modified to include the LWCA ID (i.e. authority ID).
Cert signing:
pki/base/ca/src/com/netscape/ca/CAService.java
Line 862 in e16be80
OCSP signing:
pki/base/ca/src/com/netscape/ca/CertificateAuthority.java
Line 2437 in e16be80
pki/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java
Line 406 in e16be80
pki/base/server/cms/src/com/netscape/cms/ocsp/LDAPStore.java
Line 353 in e16be80
The text was updated successfully, but these errors were encountered: