rhcs81 caManualRenewal with original profile modified for empty params.name creates root CA subject DN
Version-Release number of selected component (if applicable): Red Hat Enterprise Linux Server release 5.9 (Tikanga) redhat-ds-base-8.2.11-5.el5dsrv pki-ca-8.1.5-1.el5pki
How reproducible: always
Steps to Reproduce: 1.have user directory 2.have CA 3.duplicate profile caDirUserCert 4. modify subjectNameConstraintImpl to add a params:
policyset.set1.1.constraint.class_id=subjectNameConstraintImpl policyset.set1.1.constraint.name=Subject Name Constraint policyset.set1.1.constraint.params.pattern=.* policyset.set1.1.default.class_id=subjectNameDefaultImpl policyset.set1.1.default.name=Subject Name Default policyset.set1.1.default.params.name=$request.auth_token.tokenCertSubject$
Actual results: a certificate is issued but the subject DN is unexpected, it is the root CA (!)
Proposed Milestone: 10.2.3 (per CS Meeting of 09/17/2014)
Per Dogtag 10.2.X meeting of 01/14/2015: Milestone 10.2.2
pushed to master commit 98b2407eef642cd95296c972393b0c0db46230be
Metadata Update from @nkinder: - Issue assigned to cfu - Issue set to the milestone: 10.2.2
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1389
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.