-
Notifications
You must be signed in to change notification settings - Fork 274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hide download and email if the certificate has been signed by scep request #6778
Conversation
63ce1b3
to
6ec1582
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Do we really want to prevent download of SCEP certificates from web admin ?
IMHO, we should allow admin users to download SCEP certificates from web admin because web admin doesn't display all informations of certificates (OCSP URL, key usage, etc.) and if you need these informations, you will have to look into DB.
Certificates generated through SCEP are stored in DB without private keys so it's not a problem. Perhaps we can have a "Copy Certificate" button like we have for CA certificates.
- Download button is still available when you click on a SCEP certificate
6ec1582
to
b2582e5
Compare
Just added a way to download the public key. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Existing SCEP certs will have a wrong value of
scep
field in DB. We need to update existing SCEP certs if we are able to distinguish them but I'm not sure it's possible.
hide pki certificate email/download when scep is used
ec17f03
to
92860bd
Compare
I don't see an automated way to identify SCEP certificate in DB before. EDIT: it means that "Download" button will be available for old SCEP certificates which can lead to confusion. EDIT: fixed by 7153f05 |
Just did new tests:
=> I expect to be able to select SCEP @satkunas, could you take a look ? |
@nqb the |
Work as expected after I remove my preferences and clean my web browser cache. |
Description
Hide download and email if the certificate has been signed by scep request
Impacts
PKI
Delete branch after merge
YES
Checklist
NEWS file entries
Enhancements