  1. EJBCA
  2. ECA-4203

"Check Certificate Status" reports incorrect/misleading status

    Details

    • Issue discovered during:
      Customer

      Description

      The "Check Certificate Status" page reachable via the public web interface can produce misleading/wrong results when requesting information about either non-existing certificates (with a random serial number that is not present in the database), or certificates from CAs that are not even present in the EJBCA instance.

      Reproduction steps:
      1. On public web, open page "Inspect" -> "Check Certificate Status".
      2. Set "Issuer DN" to "CN=Test". Such a CA should not exist in this EJBCA instance.
      3. Set "Serial No." to "123456".

      Expected results:
      1. Certificate is reported as unknown.

      Actual results:
      1. Certificate is reported as "NOT been revoked". Full output:

      ---%---
      Issuer: CN=Test
      Serial number: 123456
      The certificate has NOT been revoked.
      ---%---

            People

            Assignee:
            johan Johan Eklund
            Reporter:
            branko Branko Majic (Inactive)
            Verified by:
            Mike Agrenius Kushner
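
Added example, not EJBCA code and not part of the original issue: a minimal model of the reported behaviour (a lookup that answers "not revoked" whenever no revocation record is found) next to a three-state lookup that answers "unknown" for issuers or serial numbers the instance has never seen. The store contents, `CN=Example CA`, the function names and the hexadecimal serial parsing are assumptions made for illustration.

```python
from enum import Enum


class Status(Enum):
    GOOD = "has NOT been revoked"
    REVOKED = "has been revoked"
    UNKNOWN = "is unknown to this instance"


# Constructed sample store: one CA, two issued certificates, one revoked.
KNOWN_ISSUERS = {"CN=Example CA"}
ISSUED = {("CN=Example CA", 0x1001), ("CN=Example CA", 0x1002)}
REVOKED = {("CN=Example CA", 0x1002)}


def parse_serial(text):
    """Assumption: the form takes a hexadecimal serial. None if malformed."""
    try:
        return int(text.strip(), 16)
    except ValueError:
        return None


def naive_status(issuer_dn, serial_text):
    """Two-state lookup: no revocation record is treated as 'not revoked'."""
    key = (issuer_dn, parse_serial(serial_text))
    return Status.REVOKED if key in REVOKED else Status.GOOD


def strict_status(issuer_dn, serial_text):
    """Three-state lookup: 'good' requires proof that the certificate exists."""
    serial = parse_serial(serial_text)
    if serial is None or issuer_dn not in KNOWN_ISSUERS:
        return Status.UNKNOWN
    key = (issuer_dn, serial)
    if key not in ISSUED:
        return Status.UNKNOWN
    return Status.REVOKED if key in REVOKED else Status.GOOD


def render(issuer_dn, serial_text, status):
    return (f"Issuer: {issuer_dn}\nSerial number: {serial_text}\n"
            f"The certificate {status.value}.")


if __name__ == "__main__":
    for dn, sn in [("CN=Test", "123456"), ("CN=Example CA", "1001"),
                   ("CN=Example CA", "1002"), ("CN=Example CA", "123456")]:
        print(render(dn, sn, strict_status(dn, sn)), end="\n\n")
```

With the inputs from the reproduction steps, `naive_status` yields the misleading "NOT been revoked" answer, while `strict_status` reports the certificate as unknown.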