Way to reproduce:
- Setup a PGP-based signer and perform the normal steps to make sure it has a key, and use Generate CSR to get the public key with user ID and store it in PGPPUBLICKEY worker property.
- Now, in the worker click Renew key to get a new key.
Observer that there is not both DEFAULTKEY and NEXTCERTSIGNKEY properties.
- Click Generate CSR for the New Key and store in the PGPPUBLICKEY property
- Switch DEFAULTKEY to the new key alias
Expected: Worker should be active and have a public key with only the latest User ID
Actually: Worker is offline with error "Configured PGPPUBLICKEY not matching the key". And also the list of user ID contains both the old key's user ID and the new
Probably the PGPPUBLICKEY worker property should only apply for the current key and when generating a CSR for "Next key" the PGPPUBLICKEY property should not be read.