dogtagpki / pki

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
https://www.dogtagpki.org
GNU General Public License v2.0
378 stars 138 forks source link

Certificate subjectdn and nickname parameters #1747

Open pki-bot opened 4 years ago

pki-bot commented 4 years ago

This issue was migrated from Pagure Issue #1184. Originally filed by saipandi on 2014-10-15 17:37:57:


For the CA installer tests I tested, giving the same subjectdn for two certificates, the same nickname for two certificates and an empty nickname for a certficate.

When I give the same subjectdn or nickname for two certs, the installation fails but "Installation Failed" is the only error I get, there should be a more descriptive error. A check should be kept for the subjectdns and nicknames to verify their uniqueness.

Also, if we give an empty nickname on the other hand, a NULL certificate gets created and the installatoion goes through fine but on executing the pk12util command we get a segmentation fault. So a check should be kept for the empty nickname provided by the user and if that is the case, then the default nickname can be taken or an error message can be given.

pki-bot commented 4 years ago

Comment from saipandi at 2014-10-15 21:32:07

Also, while checking for invalid key sizes for a certificate I get a non-descriptive "Installation Failed" error. A check for valid key sizes should be kept.

pki-bot commented 4 years ago

Comment from saipandi at 2017-02-27 14:03:03

Metadata Update from @saipandi: