CRLIP does not refresh CRL info from LDAP when re-initialised.

[pki-bot]

This issue was migrated from Pagure Issue #3085. Originally filed by ftweedal (@frasertweedale) on 2018-12-20 01:59:12:

• Closed at 2019-04-30 21:47:59 as fixed
• Assigned to ftweedal (@frasertweedale)

---

See https://pagure.io/freeipa/issue/7815#comment-547193 for original analysis.

In brief, if CRLIP gets disabled, then later re-enabled, via caadmin interface (or other online interface), it will not refresh CRL data from LDAP. If some other clone was generating CRLs in the meantime, the CRL number will be wrong.

The CRLIP must reload the latest CRL from LDAP when it gets reinitialised.

[pki-bot]

Comment from ftweedal (@frasertweedale) at 2018-12-20 05:48:22

Metadata Update from @frasertweedale:

• Issue assigned to frasertweedale

[pki-bot]

Comment from ftweedal (@frasertweedale) at 2019-01-09 07:12:14

PR: https://github.com/dogtagpki/pki/pull/138

[pki-bot]

Comment from ftweedal (@frasertweedale) at 2019-01-09 07:12:15

Metadata Update from @frasertweedale:

• Custom field component adjusted to None
• Custom field feature adjusted to None
• Custom field origin adjusted to None
• Custom field proposedmilestone adjusted to None
• Custom field proposedpriority adjusted to None
• Custom field reviewer adjusted to None
• Custom field type adjusted to None
• Custom field version adjusted to None

[pki-bot]

Comment from ftweedal (@frasertweedale) at 2019-04-30 21:48:00

Merged to master:

• 2ef387ed0ce5daee2802faa9b7e093e7bf55f174 CRLIssuingPoint: reinit from LDAP when re-enabled
• 37f7f137494d4c6db410c19c643908362e5abc62 CRLIssuingPoint: use enum for status
• 51682952cc01977fa7f0ad79a94b76ede0598f7b CRLIssuingPoint: drive-by cleanups

[pki-bot]

Comment from ftweedal (@frasertweedale) at 2019-04-30 21:48:01

Metadata Update from @frasertweedale:

• Issue close_status updated to: fixed
• Issue status updated to: Closed (was: Open)