[Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue
Matthew Harmsen
mharmsen at redhat.com
Tue May 3 18:42:02 UTC 2016
Please review the attached patch which addresses:
* PKI TRAC Ticket #1669 - adminEnroll servlet EnrollSuccess.template
succeeds but fails on import into browser
<https://fedorahosted.org/pki/ticket/1669>
This was tested on Fedora 23 by doing the following:
* installed and configured a CA
* Successfully tested enrollment in a browser after importing the
original Admin certificate
* systemctl stop pki-tomcatd at pki-tomcat.service
* edited /etc/pki/pki-tomcat/ca/CS.cfg to set:
o ca.Policy.enable=true
o cmsgateway.enableAdminEnroll=true
* systemctl start pki-tomcatd at pki-tomcat.service
* created a new Firefox profile
* traversed to the EE page, went to the Retrieval tab, imported the CA
cert, and trusted it
* within this new profile, traversed to
https://pki.example.com:8443/ca/admin/ca/adminEnroll.html, and
filled out the form
* with this patch installed, it should generate a new admin
certificate and import it successfully into this new profile -- to
check, attempt to use the imported admin certificate to traverse to
the Agents page
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160503/cbd1d903/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20160503-Fixed-adminEnroll-servlet-browser-import-issue.patch
Type: text/x-patch
Size: 4354 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160503/cbd1d903/attachment.bin>
More information about the Pki-devel
mailing list