Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5978

RA enrollment with requestid doesn't authenticate password with reusecert = true

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.9.0
    • Fix Version/s: EJBCA 6.9.0
    • Component/s: None
    • Labels:
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 3

      Description

      After introduction of RA Key recovery, enrollment using request Id can be done with any password after a key recovery (with a password already set during key recovery process).
      This only occurs if 'reuse certificate' is enabled for key recovery.
      Root cause:
      KeyStoreCreateSessionBean: 

      if ((reusecertificate) && (keyData != null)) {
   no authorization is performed...
}

        Attachments

          Issue Links

          relates

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. ECA-5175 Support for delegated key pair generation

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

            Activity

              People

              Assignee:
              hsunmark Henrik Sunmark
              Reporter:
              hsunmark Henrik Sunmark
              Verified by:
              Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: