[Pki-devel] [PATCH] 0133 Revoke lightweight CA certificate on deletion
Endi Sukma Dewata
edewata at redhat.com
Tue Sep 6 18:49:07 UTC 2016
On 8/24/2016 11:18 PM, Fraser Tweedale wrote:
> Hi team,
>
> The attached patch implements cert revocation on LWCA deletion. The
> TODO for parametrising over revocation reason and invalid date is
> intentional - I just want to get the minimal viable solution into
> 10.3.x ASAP and we can look at what more is wanted/needed later.
>
> Thanks,
> Fraser
I was comparing this patch to the existing code in CertService, it looks
like some methods of RevocationProcessor are not called by this patch:
* setStartTime()
* setInitiative()
* setRequestType()
* setComments()
* validateNonce()
* validateCertificateToRevoke()
They seem to be related to audit or validation, so maybe that can be
added later. Also there probably should be try-catch blocks to audit
failed operations.
I pushed the patch as is to master (10.4), but feel free to post
additional patches to address the above issue.
--
Endi S. Dewata
More information about the Pki-devel
mailing list