Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7264

Re-use endentity for ACME cert renewal flow

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.15.0
    • Component/s: None
    • Labels:
      None
    • Epic Link:
    • Sprint:
      EJBCA Sprint 18, EJBCA Sprint 19

      Description

      Current situation:

      new  endentity is created each time a new ACME order is finalized. unfortunately that does not work well for ACME cert renewal flow, because "acme cert renewal" means just a new acme order and when a new endentity is tried to create hre, it fails because two endentities cannot have the same key.

       

      Desired situation:

      • when ACME order is finalized, its domain cert fingerprint should be stored to database with acme order.
      • when an endentity is needed for cert generation, first look for predecessing finalized (i.e. with status=valid) acme orders with the same domain key fingerprint. if any is found, lookup its associated endentity by username that is taken from that found acme order. if such an endentity exists, reuse it for cert generation process.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tarmo_helmes Tarmo Raudsep
                Reporter:
                tarmo_helmes Tarmo Raudsep
                Verified by:
                Amin Khorsandi
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 2 days Original Estimate - 2 days
                  2d
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 2 hours
                  2d 2h