Missing authority ID in LWCA signing audit events.

[pki-bot]

This issue was migrated from Pagure Issue #2839. Originally filed by edewata (@edewata) on 2017-10-23 17:18:45:

• Assigned to nobody

---

Ticket 2654 added new signing info audit events at startup time to record which keys will be used by each CA (i.e. host CA or LWCA) for cert and OCSP signing later. However, at the actual cert or OCSP signing itself, the current audit event does not indicate which LWCA actually does the signing so the key cannot be determined. To fix the problem, the cert and OCSP signing events for LWCA should be modified to include the LWCA ID (i.e. authority ID).

Cert signing:

• https://github.com/dogtagpki/pki/blob/e16be807c2cca6d717dad550343b6aeff347d91b/base/ca/src/com/netscape/ca/CAService.java#L862

OCSP signing:

• https://github.com/dogtagpki/pki/blob/e16be807c2cca6d717dad550343b6aeff347d91b/base/ca/src/com/netscape/ca/CertificateAuthority.java#L2437
• https://github.com/dogtagpki/pki/blob/e16be807c2cca6d717dad550343b6aeff347d91b/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java#L406
• https://github.com/dogtagpki/pki/blob/e16be807c2cca6d717dad550343b6aeff347d91b/base/server/cms/src/com/netscape/cms/ocsp/LDAPStore.java#L353

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-10-31 16:43:23

Metadata Update from @mharmsen:

• Custom field component adjusted to None
• Custom field feature adjusted to None
• Custom field origin adjusted to None
• Custom field proposedmilestone adjusted to None
• Custom field proposedpriority adjusted to None
• Custom field reviewer adjusted to None
• Custom field type adjusted to None
• Custom field version adjusted to None
• Issue set to the milestone: 0.0 NEEDS_TRIAGE

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-11-09 14:06:39

Per PKI Team Meeting of 20171109: Future

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-11-09 14:06:42

Metadata Update from @mharmsen:

• Issue set to the milestone: FUTURE (was: 0.0 NEEDS_TRIAGE)