Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7980

Not possible to add all end entity profiles to a peer system rule

    Details

    • Provenance:
      Internal Delivery
    • Issue discovered during:
      Testing
    • Sprint:
      EJBCA Team Alice - 2019 w37

      Description

      In the configuration of the role for a peer connector (Peer systems/Peer connector/Authorized requests), it's not possible to add all end entity profiles but only enable every single profile defined. This means that in the advanced mode of the role every end entity is allowed but not /endentityprofilesrules/.

      This cause problems when an RA role created in the admin gui has End Entity Profiles set to all, because then /endentityprofilesrules/ for the role is set to allowed but the tunnel is not. This leads to that the RA role is not visible through the tunnel as it has higher privileges than the tunnel itself.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              bastianf Bastian Fredriksson
              Reporter:
              berke Kerim Bergström
              Verified by:
              Kerim Bergström
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour, 30 minutes
                  1h 30m