Unmaintained repository. Development moved to: https://github.com/nordic-institute/X-Road-development
19
stars
8
forks
source link
As a Security Server Administrator I want to see trusted root and intermediate certificates and their OCSP responses' status in the Security Server UI so that it's easier to debug OCSP related problems #228
Affected components: proxy-ui
Affected documentation: Security Server User Guide (UG-SS)
Estimated delivery: Q2 / 2018
External reference: https://jira.csc.fi/browse/PVAYLADEV-1137
Problem
If root/intermediate certificate's OCSP response is not available or it's invalid opening a connection fails and the error below is thrown:
OCSP response indicates certificate status is REVOKED/UNKNOWN).
Despite the problem the Security Server UI says that the status of the OCSP response is good. The UI shows only the status of the certificate's own OCSP response and not the whole certificate chain.
For the Security Server administrator it would be useful to see all the root and intermediate certificates and their OCSP responses that are defined trusted within an X-Road instance. This information should be available in the Security Server UI.
Acceptance criteria
Security Server UI shows the status of CA certificates and their OCSP responses
Affected components: proxy-ui Affected documentation: Security Server User Guide (UG-SS) Estimated delivery: Q2 / 2018 External reference: https://jira.csc.fi/browse/PVAYLADEV-1137
Problem
If root/intermediate certificate's OCSP response is not available or it's invalid opening a connection fails and the error below is thrown:
OCSP response indicates certificate status is REVOKED/UNKNOWN).Despite the problem the Security Server UI says that the status of the OCSP response is
good. The UI shows only the status of the certificate's own OCSP response and not the whole certificate chain.For the Security Server administrator it would be useful to see all the root and intermediate certificates and their OCSP responses that are defined trusted within an X-Road instance. This information should be available in the Security Server UI.
Acceptance criteria