Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-enrollment of an ER should clear existing enrollments #1691

Open
andrewpmartinez opened this issue Jan 18, 2024 · 0 comments
Open

Re-enrollment of an ER should clear existing enrollments #1691

andrewpmartinez opened this issue Jan 18, 2024 · 0 comments
Assignees
@andrewpmartinez

Comments

@andrewpmartinez
Copy link
Member

andrewpmartinez commented Jan 18, 2024
edited

Experienced
Issuing multiple ER re-enrollments causes them to remain in the data store. Causing issues on which JWT is returning per ER as it will be data order dependent/sorting dependent.

Expected
Only 1 outstanding enrollment per Edge Router due to the fact that they do not support multiple authenticators.

Reproduction

  1. Create an ER and enroll it
  2. Trigger re-enrollment twice on the ER
  3. Note that two enrollments existing the data store, only the most recent should remain

Notes:

The ER enrollment endpoint does not allow the expiration date to be set. Instead, it uses a configuration value from the controller's configuration file, which defaults to 180 minutes if not set.

Looking into that I found another bug, it uses the the identity duration instead of the router one by mistake.

The config values are edge.enrollment.edgeIdentity.duration and edge.enrollment.edgeRouter.duration, expected integers as minute values
@andrewpmartinez andrewpmartinez self-assigned this Jan 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewpmartinez andrewpmartinez

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andrewpmartinez