Automatic key recovery when the token is terminated

[pki-bot]

This issue was migrated from Pagure Issue #2609. Originally filed by mharmsen (@mharmsen) on 2017-03-03 12:40:18:

• Assigned to nobody
• Associated bugzillas
  • https://bugzilla.redhat.com/show_bug.cgi?id=1427317

---

Automatic key recovery when the token is terminated

Steps to Reproduce:

1. MAke the following changes to TPS CS.cfg op.enroll.userKey.keyGen.encryption.recovery.terminated.holdRevocationUntilLast Credential=false op.enroll.userKey.keyGen.encryption.recovery.terminated.revokeCert=true op.enroll.userKey.keyGen.encryption.recovery.terminated.revokeCert.reason=1 op.enroll.userKey.keyGen.encryption.recovery.terminated.revokeExpiredCerts=false op.enroll.userKey.keyGen.encryption.recovery.terminated.scheme= GenerateNewKeyAndRecoverLast
2. Enroll a smartcard token
3. Mark the token terminated
4. Issue a new token for the user

Actual results:

New certificates are generated for the token

Expected results:

the new token should have the encryption cert on the terminated token recovered on it.

Additional info:

Attaching the log debug log info to associated bug.

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-03-03 12:40:19

Metadata Update from @mharmsen:

• Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1427317

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-03-03 12:40:19

Metadata Update from @mharmsen:

• Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1427317

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-03-03 18:54:29

Metadata Update from @mharmsen:

• Custom field component adjusted to General
• Custom field feature adjusted to ''
• Custom field origin adjusted to Community
• Custom field proposedmilestone adjusted to ''
• Custom field proposedpriority adjusted to ''
• Custom field reviewer adjusted to ''
• Custom field type adjusted to defect
• Custom field version adjusted to ''
• Issue priority set to: 3
• Issue set to the milestone: 10.4 (was: 0.0 NEEDS_TRIAGE)

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-08-09 12:36:57

Per CS/DS Meeting of August 7, 2017, it was determined to move this issue from 10.4 ==> FUTURE.

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-08-09 12:36:57

Metadata Update from @mharmsen:

• Issue set to the milestone: FUTURE (was: 10.4)