Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8482

Fix call of ACME operations with explicit ACME alias

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.3.0
    • Component/s: Protocols
    • Labels:
      None
    • Environment:
      ACME clients

      Description

      1. Fix IndexOutOfBoundsException thrown in AcmeJwsHelper.verifyRequestAuthentication when the ACME service is called with explicit alias (i.e. http://localhost:8442/ejbca/acme/directory?configurationId=myAcmeAlias).
      2. Some ACME clients cut the URL query string with an ACME configuration ID specified (i.e. PJAC setting the server URL with -u parameter). -> With a URL rewrite filter, requests with an ACME configuration ID in the URL path (i.e. http://localhost:8442/ejbca/acme/myAcmeAlias/directory) can be rewritten to its query string counterpart and internally forwarded. After reverse rewriting all URLs in the AcmeEndPoint, the ACME client receives the correct URL in the HTTP and JWS messages..
      3. Add a system test for ACME account management and certificate life cycle (for both: alias specified in URL path or query string.

        Attachments

          Activity

            People

            Assignee:
            anjakobs Andres Jakobs
            Reporter:
            anjakobs Andres Jakobs
            Verified by:
            Henrik Sunmark
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: