Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5978

RA enrollment with requestid doesn't authenticate password with reusecert = true

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.9.0
    • Fix Version/s: EJBCA 6.9.0
    • Component/s: None
    • Labels:
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 3

      Description

      After introduction of RA Key recovery, enrollment using request Id can be done with any password after a key recovery (with a password already set during key recovery process).
      This only occurs if 'reuse certificate' is enabled for key recovery.
      Root cause:
      KeyStoreCreateSessionBean:

      if ((reusecertificate) && (keyData != null)) {
         no authorization is performed...
      }
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              hsunmark Henrik Sunmark
              Reporter:
              hsunmark Henrik Sunmark
              Verified by:
              Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: