#16 Pass the private key's PublicKeyInfo to enrollment helpers
Opened 6 years ago by nalin. Modified 2 years ago

For cases where a CA sends back a PKCS#7 blob with multiple certificates in it, we should pass in the client public key so that the helper can dig out the certificate that contains that key, and have a sanity check even when the CA just sends back a certificate.

New milestone was created for milestone-less tickets.

We pass the information out in 0.73 and later. We added the consistency check as a debug statement for 0.78: the debugging output will include a null item named "key_checked", "key_reused", or "key_mismatch", depending on whether the key in an issued certificate matches the expected key, the existing key when we wanted to switch to a new one, or neither.

Metadata Update from @nalin:
- Issue set to the milestone: 0.78

2 years ago

Login to comment on this ticket.