Uploaded image for project: 'SignServer'
  1. SignServer
  2. DSS-1986

Generate CSR for PGP key always uses key from PGPPUBLICKEY property if set

    Details

    • Stakeholder:
      Customer
    • Issue discovered during:
      Customer
    • Epic Link:
    • Sprint:
      SignServer-Sprint 101

      Description

      Way to reproduce:

      1. Setup a PGP-based signer and perform the normal steps to make sure it has a key, and use Generate CSR to get the public key with user ID and store it in PGPPUBLICKEY worker property.
      2. Now, in the worker click Renew key to get a new key.
        Observer that there is not both DEFAULTKEY and NEXTCERTSIGNKEY properties.
      3. Click Generate CSR for the New Key and store in the PGPPUBLICKEY property
      4. Switch DEFAULTKEY to the new key alias
        Expected: Worker should be active and have a public key with only the latest User ID
        Actually: Worker is offline with error "Configured PGPPUBLICKEY not matching the key". And also the list of user ID contains both the old key's user ID and the new

      Probably the PGPPUBLICKEY worker property should only apply for the current key and when generating a CSR for "Next key" the PGPPUBLICKEY property should not be read.

       

        Attachments

          Activity

            People

            Assignee:
            marcus.lundblad@primekey.se Marcus Lundblad
            Reporter:
            markus Markus Kilås
            Verified by:
            Markus Kilås, Vinay Singh (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 3 hours Original Estimate - 3 hours
                3h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 6 minutes
                3h 6m