Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8813

Show a warning when basic constraints are violated

    Details

    • Provenance:
      Ordered by Customer
    • Issue discovered during:
      Customer
    • Sprint:
      EJBCA Team Bob - 2020 w2

      Description

      At least show a warning message when a CA with PathLenght=0 try to issue another SubCA.
      Otherwise , this situation will create a certificate non-compliant with RFC5280 Path Validation, section 6.1.4, because Path Validation will fail.

      From RFC

      (l) If the certificate was not self-issued, verify that

      max_path_length is greater than zero and decrement

      max_path_length by 1.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              bastianf Bastian Fredriksson
              Reporter:
              rubinaa Rubina Akram
              Verified by:
              Tomas Gustavsson
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours
                  2h