Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8203

CA token sign test should not sign with the same key twice

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.2.0
    • Component/s: None
    • Labels:
    • Provenance:
      Ordered by Customer
    • Sprint:
      EJBCA Team Alice - 2019 w21

      Description

      When healthcheck.catokensigntest is enabled and the healthcheck servlet is invoked, a signature test is performed for each active CA with a key residing in a P11 token.

      However, if two CAs share the same test key, the signing operation is performed twice, once for each CA. This is unnecessary, instead we should keep track of keys already tested, and skip the CA token sign test for any subsequent CAs using a test key already marked as "tested".

        Attachments

          Activity

            People

            Assignee:
            bastianf Bastian Fredriksson
            Reporter:
            bastianf Bastian Fredriksson
            Verified by:
            Mike Agrenius Kushner
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 3 hours Original Estimate - 3 hours
                3h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 1 minute
                3h 1m