Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-2254

Way to indicate that a certificate should not be generated and stored on a HW token

    Details

    • Type: Bug
    • Status: Close Issue
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 4.0.4
    • Component/s: CA GUI
    • Labels:
      None

      Description

      There are hard token profiles for different hard tokens. These profiles has a certificate profile for each key on the card.

      Sometimes there is no need for more than one certificate (and key) on the card.
      For this reason it should be possible to indicate that a certificate should not be generated by not specifying a cert profile for this key.

      It has been a lot of problem with applications that are choosing wrong certificates so this functionality will help a lot.

      The change in ejbca needed to achieve this is relative small and limited only to hard token functionality. See attached patch.

      Since this functionality is verified by clicking in the EJBCA GUI and testing with PrimeCard there will not be any junit test for this.

      Please tell when the patch could be applied to EJBCA 4.0 and when it could be applied to trunk.

        Attachments

          Activity

            People

            Assignee:
            lars Lars Silvén
            Reporter:
            lars Lars Silvén
            Verified by:
            Tomas Gustavsson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: