[Pki-devel] [PATCH] 0109-Ticket-1375-Provide-cert-key-retention-for-externalR.patch
Christina Fu
cfu at redhat.com
Thu Jan 14 01:49:20 UTC 2016
Ticket #1375 Provide cert/key retention for externalReg
Ticket #1514 TPS: Recovered certs on a token has status expired
Ticket #1587 External Registration Recovery only works for 1024 sized
keys out of the box
This patch provides the cert/key retention feature for externalReg. if the
certsToAdd field contains (serial,ca#) instead of the full (serial, ca#,
keyId, kra#), then it is expecting the cert/key to be retained from token
without having to do a full retrieval (recovery). This patch also
fixes the
issues reported in #1514 and #1587 as testing of #1375 is easier with
those
two issues addressed. An issue was found during development where Coolkey
puts limits on the cert/key ids on the token and make it impossible to
inject
cert ID higher than 4, as it would then result in key ids into two digits.
This issue will be filed as a separte ticket and addressed separately.
Most
testing will then be conducted.
thanks,
Christina
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-cfu-0109-Ticket-1375-Provide-cert-key-retention-for-externalR.patch
Type: text/x-patch
Size: 33207 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160113/405cbbb3/attachment.bin>
More information about the Pki-devel
mailing list