dogtagpki

Clone
Source Code
GIT

#2378 Multiple TPS installations generate leftover certificates
Closed: migrated 3 years ago by dmoluguw. Opened 7 years ago by edewata.

Closed: migrated
Reopen Issue

When TPS is installed on a separate instance it creates TPS subsystem users (i.e. TPS-<hostname>-<port>) in CA, KRA, and TKS containing the TPS's subsystem certificate. If the TPS is removed then reinstalled multiple times, some of these users will end up containing multiple certificates from previous installations, possibly confusing other code that needs to get the current certificate.

There are two problems that need to be fixed:

  • During TPS uninstall the TPS users need to be removed from all other subsystems.
  • During TPS install, in case the TPS user already exist with certificates from previous installation, the old certificates need to be removed before adding the new one.

The workaround is to remove the old users and certificates manually.

Per PKI Bug Council of 06/23/2016: 10.3.4

Metadata Update from @edewata:
- Issue assigned to edewata
- Issue set to the milestone: UNTRIAGED
7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2498

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata Update from @dmoluguw:
- Issue close_status updated to: migrated
- Issue status updated to: Closed (was: Open)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
major
None
None
None
defect
None
None
None
None
None
Community
None
None
None
None
None
None
Installation/Configuration
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.