Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6632

CMP: don't include trust anchor in extraCert certificate list to verify

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.11.1
    • Component/s: None
    • Labels:
      None

      Description

      When verifying extraCerts chain it may contain also the root certificate. The Root certificate is however added as a trust anchor to the PathValidation and does not need to be included in the cert list. In fact, if it is included in the cert list, and not put last, it will cause PathValidation to fail.

        Attachments

          Activity

            People

            • Assignee:
              tomas Tomas Gustavsson
              Reporter:
              tomas Tomas Gustavsson
              Verified by:
              Mike Agrenius Kushner
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: