RE_Enroll operation does not revoke the original certificates on the token
Steps to Reproduce:
1. Enroll a token of userKey token type. 2. Edit the token policy using the Web UI with RE_ENROLL=YES 3. Enroll the token again 4. Default TPS CS.cfg was used which has op.format.userKey.revokeCert=true
Actual results:
Original certificates are not revoked
Expected results:
Original certificates are expected to be revoked.
Additional info:
attaching the tps debug log Created attachment 1205287 TPS re-enroll debug log
CLOSING AS WORKSFORME:
Christina Fu 2016-10-07 14:04:38 EDT
I cannot reproduce. It works for me. Did you literally enter (delimited by ';')? FORCE_FORMAT=YES;RE_ENROLL=YES
Roshni 2016-10-07 14:45:20 EDT
With fresh TPS instance the original certs were revoked during re-enrollment when FORCE_FORMAT=YES;RE_ENROLL=YES was set for the token.
Metadata Update from @rpattath: - Issue set to the milestone: 10.3.6
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2607
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.