Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6133

Add whitelist possibility to CAA Validator

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.9.1
    • Component/s: None
    • Labels:
      None

      Description

      CAA Validator will inevitably fail for some obscure reason for some domains.
      Assuming that this can be manually validated, CAs will want to issue certificates for those domains regardless. To do this a possibility to whitelist, i.e. ignore specified domains from CAA checking, is needed.

      A text field in the CAA Validator configuration where the Admin can enter one domain per line?
      For example having a line "klaan.nu" would skip any CAA checking (but of course log this to audit log - VALIDATOR_SUCCESS) for anything above "klaan.nu", i.e. a.b.c.klaan.nu, *.a.klaan.nu, *.klaan.nu etc.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bastianf Bastian Fredriksson
                Reporter:
                tomas Tomas Gustavsson
                Verified by:
                Mike Agrenius Kushner
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 1 hour, 8 minutes
                  1d 1h 8m