[Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue

[Matthew Harmsen]

Please review the attached patch which addresses:

  * PKI TRAC Ticket #1669 - adminEnroll servlet EnrollSuccess.template
    succeeds but fails on import into browser
    <https://fedorahosted.org/pki/ticket/1669>

This was tested on Fedora 23 by doing the following:

  * installed and configured a CA
  * Successfully tested enrollment in a browser after importing the
    original Admin certificate
  * systemctl stop pki-tomcatd at pki-tomcat.service
  * edited /etc/pki/pki-tomcat/ca/CS.cfg to set:
      o ca.Policy.enable=true
      o   cmsgateway.enableAdminEnroll=true
  * systemctl start pki-tomcatd at pki-tomcat.service
  * created a new Firefox profile
  * traversed to the EE page, went to the Retrieval tab, imported the CA
    cert, and trusted it
  * within this new profile, traversed to
    https://pki.example.com:8443/ca/admin/ca/adminEnroll.html, and
    filled out the form
  * with this patch installed, it should generate a new admin
    certificate and import it successfully into this new profile -- to
    check, attempt to use the imported admin certificate to traverse to
    the Agents page

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160503/cbd1d903/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20160503-Fixed-adminEnroll-servlet-browser-import-issue.patch
Type: text/x-patch
Size: 4354 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20160503/cbd1d903/attachment.bin>