gunnywong
commented
6 years ago Check the permissions on the certificate authority. That is where they need the revocation permission.
-JW
From: truemichael notifications@github.com Sent: Friday, August 3, 2018 10:41 AM To: CSIS/EnrollmentStation EnrollmentStation@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [CSIS/EnrollmentStation] Enrollment Agents unable to revoke Yubikeys (#38)
We have a number of agents that can issue Yubikeys, but get the attached error when attempting to revoke. Others are able to issue, revoke and terminate on their enrollment station, so it appears to be permissions based. We have attempted revoke with the problem agents on several enrollment stations and they receive the same error.
[term-revok_error]https://user-images.githubusercontent.com/32553593/43657087-41665f88-9744-11e8-9f7b-d1c1bedbfc47.PNG
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/CSIS/EnrollmentStation/issues/38, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AcBby5pnqxRlXdbUm9JR5orCWNo2l_D9ks5uNIsYgaJpZM4VuXj6.
We have a number of agents that can issue Yubikeys, but get the attached error when attempting to revoke. Others are able to issue, revoke and terminate on their enrollment station, so it appears to be permissions based. We have attempted revoke with the problem agents on several enrollment stations and they receive the same error.