Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6838

PeerPublisher and PeerSyncTask to only publish required data for OCSP responder to work if a leaf certificate is published

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: PKI core, Protocols
    • Labels:

      Description

      Add a parameter 'dontStoreCertificateMetadata' (default = false) and functionality to PeerPublisher and PeerSyncTask
      to only publish required data for OCSP if a leaf certificate is published (no CA or OCSP signing certificates).
      Re-factor preprocessing in PeerPublisher.storeCertificate(final CertificateData certificateData, final Base64CertData base64CertData)
      and PeerSyncTask.push(final FingerprintAndHint fingerprintAndHint); remove code dublications.

      Extend PeerPublishMessageListener.handleCertificate(final PublishCertificateMessage request, final EjbBridgeSessionLocal ejbBridgeSession)
      to populate certificate metadata to be stored with dummy values, because of the not null constraints of the certificatedata table fields,
      if not done while message sending already.

      Data not transmitted, or replaced by dummy values if the new option is enabled is:

      • endEntityProfileId
      • notBefore
      • expireDate
      • subjectDN
      • subjectAltName
      • subjectKeyId
      • username

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              anjakobs Andres Jakobs
              Reporter:
              anjakobs Andres Jakobs
              Verified by:
              Henrik Sunmark
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 5 hours
                  5h
                  Remaining:
                  Time Spent - 30 minutes Remaining Estimate - 4 hours, 30 minutes
                  4h 30m
                  Logged:
                  Time Spent - 30 minutes Remaining Estimate - 4 hours, 30 minutes
                  30m