Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.13.0
    • Component/s: None
    • Sprint:
      EJBCA Sprint 12 (2 weeks)

      Description

      During a key ceremony, the auditors need a copy of all CA certificate fingerprints. This is typically achieved by downloading all CA certificates from the RA web and computing the fingerprint using OpenSSL.

      To streamline this process, I suggest that we implement a button called "Get fingerprints" located on the page: ejbca/ra/cas.xhtml

      When you click this button, EJBCA computes one fingerprint of every public key in the accessible crypto tokens, along with the fingerprints of all CA certificates on the system, together with a timestamp and information about the hash algorithm used to compute the fingerprints (for instance SHA-256). This information is shown as a text or HTML page which can be printed from the browser.

      There should also be a button to download a zip file with all CA certificates which can be saved to the auditor's USB stick.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bastianf Bastian Fredriksson
                Reporter:
                bastianf Bastian Fredriksson
                Verified by:
                Samuel Lidén Borell
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 day
                  1d
                  Remaining:
                  Time Spent - 5 hours Remaining Estimate - 3 hours
                  3h
                  Logged:
                  Time Spent - 5 hours Remaining Estimate - 3 hours
                  5h