Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6632

CMP: don't include trust anchor in extraCert certificate list to verify

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.11.1
    • Component/s: None
    • Labels:
      None

      Description

      When verifying extraCerts chain it may contain also the root certificate. The Root certificate is however added as a trust anchor to the PathValidation and does not need to be included in the cert list. In fact, if it is included in the cert list, and not put last, it will cause PathValidation to fail.

        Attachments

          Activity

            People

            Assignee:
            tomas Tomas Gustavsson
            Reporter:
            tomas Tomas Gustavsson
            Verified by:
            Mike Agrenius Kushner
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: