Issue #1247: Better error message when try to renew a certificate that expires outside renewal grace period - dogtagpki

dogtagpki

#1247 Better error message when try to renew a certificate that expires outside renewal grace period

Closed: Fixed None Opened 9 years ago by mharmsen.

A better error message is required when a renewal request made to a certificate
outside renewal grace period.

Steps to Reproduce:
1. caUserCert profile has this renewal policy:

policyset.userCertSet.list=1,10,2,3,4,5,6,7,8,9
policyset.userCertSet.10.constraint.class_id=renewGracePeriodConstraintImpl
policyset.userCertSet.10.constraint.name=Renewal Grace Period Constraint
policyset.userCertSet.10.constraint.params.renewal.graceBefore=30
policyset.userCertSet.10.constraint.params.renewal.graceAfter=30
policyset.userCertSet.10.default.class_id=noDefaultImpl
policyset.userCertSet.10.default.name=No Default

Create a certificate that expires in 31 days using profile caUserCert.
From CA EE page select Renewal:Renew certificate to be manually approved by
agents and provide serial number in decimal and click submit.

Actual results:

Sorry, your request has been rejected. The reason is "Request rejected - {0}"

Expected results:

Sorry, your request has been rejected. The reason is "Request rejected -
Outside of Renewal Grace Period: 30 days before and 30 days after original
expiration date.". (Message that's displayed in CS 8.1 environment)

mharmsen commented 7 years ago

Per Bug Triage of 05/05/2016: 10.3.1

NOTE: See if fixing this bug also fixes [Bugzilla Bug #1249400 - CA EE: Submit caUserCert request without uid does not show proper error message] and by association, https://fedorahosted.org/pki/ticket/1536 PKI TRAC Ticket #1536 - CA EE: Submit caUserCert request without uid does not show proper error message

vakwetu commented 7 years ago

This should be fixed by the fix in :

commit 65c7652926aedfd88b80386a9059b46e7e9e5af9
Author: Ade Lee alee@redhat.com
Date: Sat May 7 00:06:08 2016 -0400

Fix error output when request is rejected

With this fix, error messages are returned to the user when
a request is rejected - either in the UI or from the pki CLI.

Trac Ticket 1247 (amongst others)

Rejected requests should now show a proper error message.

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.3.8

7 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1809

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

10.3.8

lowhangingfruit

None

reporter

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1182353
https://bugzilla.redhat.com/show_bug.cgi?id=1249400

type

defect

version

None

keywords

None

estimate

None

feature

None

origin

Community

proposedpriority

None

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

None

component

proposedmilestone

None

dogtagpki

Source Code

#1247 Better error message when try to renew a certificate that expires outside renewal grace period Closed: Fixed None Opened 9 years ago by mharmsen.

Metadata

#1247 Better error message when try to renew a certificate that expires outside renewal grace period

Closed: Fixed None Opened 9 years ago by mharmsen.