Closed semik closed 2 months ago
Using the API for uploading and marking the CA certificate as trusted is working properly, also based on your script and screenshot, the Trusted CA
property is changed.
The validation of certificate is triggered periodically and using the algorithms described here: https://docs.czertainly.com/docs/certificate-key/concept-design/core-components/certificate#validation.
The validation of certificate is handled using the updateCertificateStatusJob
scheduled job that is triggered once per hour and should check 1/24 of certificates, eventually it should cover validity of all certificates once per day.
The validation of certificate is also triggered independently of the scheduled job when you request details about the certificate using the Get Certificate Details API.
So when you mark CA certificate as trusted, the certificates that are issued by this CA will be validated according the algorithm described.
I do not consider this behaviour as bug.
I accepts your arguments, this is not a bug. I misunderstood meaning of trustedCA and validation.
I modified my script to call validation (not just getting certs detail) after setting trustedCA = true
, and it started working. Code is now in company repo.
Thanks for explanation. I'm closing this issue.
Describe the bug
CA certificate uploaded via API not trusted even when marked as trusted.
I wrote script which first uses
/api/v1/certificates/upload
to upload a certificate. From this call it receives UUID of the cert, after that it marks the certificate as trusted by calling/api/v1/certificates/<UUID>
with body:But in UI it still marked as untrusted in Certificate list. I need to visit certificate detail which causes that cert is now trusted. Without any action from my side.
Certificates get really trusted after 24h when automatic update job started to work on them.
To Reproduce
Use API to upload and mark certificate as trusted. My script: upload-cert.py.
Expected behavior
I expected that after marking certificate trusted via API, CZERTAINLY immediately start to trust them.
Screenshots Please note black dot in front of TWCA Root Certification Authority:
When I click on CA name it displays detail. The Trusted CA switch was ON (because of fact I set it wia API call) Sometimes I noted that Validation Status switched from black to green Valid. Sometimes the action was not visible and page loaded with Valid status:
When I return back to Certificate list, TWCA Root Certification Authority is marked as trusted:
Additional context
I was testing on CZERTAINLY version 2.11.0