Issue #2757: need CMC enrollment profiles for system certificates - dogtagpki

dogtagpki

#2757 need CMC enrollment profiles for system certificates

Closed: fixed 6 years ago Opened 6 years ago by mharmsen.

This is one of the areas that needs to be addressed from:
Bug 1464549 - Installation: allow installation with existing system certificates

The manual steps required to get system certificates would need CMC enrollment profiles for them.

Metadata Update from @mharmsen:
- Custom field component adjusted to General
- Custom field feature adjusted to ''
- Custom field origin adjusted to Community
- Custom field proposedmilestone adjusted to ''
- Custom field proposedpriority adjusted to ''
- Custom field reviewer adjusted to ''
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1464591
- Custom field type adjusted to defect
- Custom field version adjusted to ''
- Issue priority set to: critical
- Issue set to the milestone: 10.4

6 years ago

Metadata Update from @cfu:
- Issue assigned to cfu

6 years ago

cfu commented 6 years ago

commit 65b1242cd139e6306fb3e039193a3a6b223ea9b1
Author: Christina Fu cfu@redhat.com
Date: Mon Jun 26 18:09:55 2017 -0700

Ticket #2757 CMC enrollment profiles for system certificates

This patch supports CMC-based system certificate requests.

This patch contains the following:
* The code in CMCAuth (agent-based) to check ssl client auth cert against the CMC signing cert
* The cmc-based system enrollment profiles:
caCMCauditSigningCert.cfg
caCMCcaCert.cfg
caCMCkraStorageCert.cfg
caCMCkraTransportCert.cfg
caCMCocspCert.cfg
caCMCserverCert.cfg
caCMCsubsystemCert.cfg
* new URI's in web.xml as new access points

Usage example can be found here:
http://pki.fedoraproject.org/wiki/PKI_10.4_CMC_Feature_Update_(RFC5272)#Examples_.28System_Certificates.29

Metadata Update from @cfu:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.4.9 (was: 10.4)

6 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2877

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

cfu

Tags

None

Blocking

None

Depending on

None

Priority

critical

Milestone

10.4.9

lowhangingfruit

None

reporter

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1464591

type

defect

version

keywords

None

estimate

None

feature

origin

Community

proposedpriority

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

component

General

proposedmilestone

dogtagpki

Source Code

#2757 need CMC enrollment profiles for system certificates Closed: fixed 6 years ago Opened 6 years ago by mharmsen.

Metadata

#2757 need CMC enrollment profiles for system certificates

Closed: fixed 6 years ago Opened 6 years ago by mharmsen.