Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6468

CMP changes to return caPub certificates and lessen DN checks on VC certificate

    Details

    • Type: Epic
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.11.1
    • Component/s: None
    • Labels:
      None
    • Epic Name:
      CMP Vendor Certificate

      Description

      Insight into this issue:

      Customer's goal is to be able to retrieve multiple certificates for the same client certificate. To this end, they need the following development:

      1. Changes to CMP Alias:

      • To be able to select caPubs content from a list of CAs (multiple, order can be defined)
      • To be able to select extraCerts content from a list of CAs (multiple, order can be defined)

      2. Changes to how Vendor Certificates are handled:

      • Customer want to to be able to retrieve several certificates (from multiple end entities) using the same Vendor Certificate (a certificate inserted into a device during manufacture, to allow for later retrieval of the proper certificate). Today the VC must have the same DN as the final certificate, which is how one is linked to the other. In order to be able to use a VC for a certificate(s) other than its subject DN, I would suggest creating a new field in ExtendedInformation where a serial number to a VC can be specified. The CSR will specify the SubjectDN of the sought certificate, so from there it can be sought, retrieved and checked against the ID of the VC.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                anjakobs Andres Jakobs
                Reporter:
                mikek Mike Agrenius Kushner
                Verified by:
                Tomas Gustavsson
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 4 weeks
                  4w
                  Remaining:
                  Remaining Estimate - 4 weeks
                  4w
                  Logged:
                  Time Spent - Not Specified
                  Not Specified