Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6012

Key recovery flag not reset on rejected approval using local key generation

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.9.0
    • Fix Version/s: EJBCA 6.9.0
    • Component/s: None
    • Labels:
      None
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 2

      Description

      Using local key generation, the flag 'markAsKeyRecoverable' in KeyRecoveryData is set in the requesting instance database before the operation is approved (if approvals is enabled for key recovery). This is done because there's no way for the CA to change the flag in the RAs database.

      If the request is approved, everything works as intended. However, if it's rejected, the CA cannot reset the flag in the RAs database which means a new request cannot be made for key recovery.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              hsunmark Henrik Sunmark
              Reporter:
              hsunmark Henrik Sunmark
              Verified by:
              Oskar Eriksson (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: