#3798 When passwords are set to cache=false, userCertificate auth fails when backend is offline
Opened 6 months ago by firstyear. Modified 4 months ago

When you set password cache to false, moving the backend to offine causes CCID auth to fail. This is despite the presence of userCertificate in cache.ldb.

This should not occur - userCertificate should always be cached and available regardless of the state of the password.

sssd-1.16.2-1.1.x86_64 openSUSE tumbleweed

So far we agreed to fix this in the 2.x branch and backport later. Thank you for the bug report.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.1

5 months ago

@jhrozek Thanks mate, sadly there have been a few issues on the 1.x series with CCID auth, but I appreciate your time to making this work for 2.x.

Hi @firstyear,

I cannot reproduce the issue with a current version of SSSD. Tumbleweed now has SSSD-2.0, do you still see this the issue with recent version of Tumbleweed? If that's the case, can you attach logs?


Login to comment on this ticket.