When using CZERTAINLY we encountered a bug. We have been trying to complete a Discovery from CA for all certificate templates. Probably because of insufficient hardware resources the Discovery simply froze with In Progress status. To our surprise, when we checked after few, maybe even ten days, the Discovery was somehow completed. It found the certificates from CA, but in the meantime (while first discovery was frozen) we have tried to do Discovery on the same CA only for one specific template (with less certificates), which run correctly and was completed after a few minutes.
The problem is, that frozen Discovery caused problems - more specifically, it created certificate duplicates, because the two discoveries had some identical certificates in terms of finding from the same certificate template.
I suggest to make a revision of pyadcs discovery process and how its coded to prevent potential similar scenario.
We can provide more details if needed, but in terms of logs it would be impossible to provide them, because we dont have them from that specific time.
When using CZERTAINLY we encountered a bug. We have been trying to complete a Discovery from CA for all certificate templates. Probably because of insufficient hardware resources the Discovery simply froze with In Progress status. To our surprise, when we checked after few, maybe even ten days, the Discovery was somehow completed. It found the certificates from CA, but in the meantime (while first discovery was frozen) we have tried to do Discovery on the same CA only for one specific template (with less certificates), which run correctly and was completed after a few minutes.
The problem is, that frozen Discovery caused problems - more specifically, it created certificate duplicates, because the two discoveries had some identical certificates in terms of finding from the same certificate template.
I suggest to make a revision of pyadcs discovery process and how its coded to prevent potential similar scenario.
We can provide more details if needed, but in terms of logs it would be impossible to provide them, because we dont have them from that specific time.