View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000790 | Main CAcert Website | organisational section | public | 2009-11-13 02:36 | 2015-03-10 20:35 |
Reporter | law | Assigned To | NEOatNHNG | ||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Product Version | 2014 Q3 | ||||
Target Version | 2014 Q3 | Fixed in Version | 2014 Q4 | ||
Summary | 0000790: Creating organisation client certs by pasted CSR | ||||
Description | It would be good to be able to issue organisational client certificates by pasted CSR. So it would not require to have the private key on the Org-Admins machine. | ||||
Tags | No tags attached. | ||||
Reviewed by | NEOatNHNG, BenBE | ||||
Test Instructions | https://bugs.cacert.org/view.php?id=790#c5026 | ||||
duplicate of | 0000363 | closed | Organisational Client Certificate CSRs | |
related to | 0001156 | new | Search fields and pagination | |
related to | 0000824 | closed | Uli60 | Organisation User Certificates: Need UI improvement for proper production usage |
related to | 0001101 | needs work | TimoAHummel | general rewrite of get info from csr routine in includes/general.php |
related to | 0001205 | confirmed | Refactor certificate creation routines into /includes/notary.inc.php | |
related to | 0001251 | new | have the possibility to push a file with multiple client csr requests to the Organisation Section |
|
As most parts of this feature are already implemented (but dont have a UI), I added the UI and added this feature with as few changes as possible. https://github.com/yellowant/cacert-devel/tree/bug-790 |
|
Create a org client certificate with CSR: Have a valid organisation in the account. Create a client certificate. Instead of using the Browser-Generation paste a CSR below. Check the generated certificate. The test is passed if the certificate is generated as desired. (correct email, correct key, ...) |
|
I pushed an update that fixes the headers of the pem-armoring. https://github.com/yellowant/cacert-devel/tree/bug-790 |
|
On the entry page (account.php/16) there needs to be an hint how to use the CSR. eg: Enter the name, email and if applicable OU goto next there you can paste the CSR |
|
Updated texts, should be tested. |
|
I used a CSR from my personal test account. The CSR was processed. => ok The checking the data in the returned key shows that the personal data was replaced by tha data from the form and the org account. => ok => ok |
|
I generated a CSR in "XCA" I used Organisation "Pink Acme Arg" and Domain "pink.org" for the Request. My Account is being used for this Test with Email "...@pink.org" The CSR was worked correct, and the signed Certificate was reimported successfully into XCA. The Test was successful. |
|
I generate a CSR with XCA I enter in XCA a different email addresses idefixx@gallien.ga CSR: SEQUENCE(2 elem) OBJECT IDENTIFIER1.2.840.113549.1.9.1 IA5Stringidefixx@gallien.ga SEQUENCE(7 elem) SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.6 PrintableStringFR SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.8 PrintableStringGallien SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.7 PrintableStringAremorica SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.10 TeletexStringObelix GmbH & Co. KG SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.11 PrintableStringDog SET(1 elem) SEQUENCE(2 elem) OBJECT IDENTIFIER2.5.4.3 PrintableStringIdefix => OK |
|
Review OK. Mail sent to critical admins. |
|
The fix has been installed on the production server on December 5, 2014. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2014-12/msg00005.html |
Date Modified | Username | Field | Change |
---|---|---|---|
2009-11-13 02:36 | law | New Issue | |
2011-05-15 08:47 | law | Relationship added | duplicate of 0000363 |
2011-05-15 18:06 | Ted | Relationship added | related to 0000824 |
2013-01-07 22:00 | Werner Dworak | Relationship added | related to 0001101 |
2013-04-27 21:06 | BenBE | Assigned To | => INOPIAE |
2013-04-27 21:06 | BenBE | Status | new => needs work |
2013-08-20 16:40 | Uli60 | Relationship added | related to 0001205 |
2014-02-22 07:45 | INOPIAE | Relationship added | related to 0001156 |
2014-02-22 08:10 | INOPIAE | Relationship added | related to 0001251 |
2014-09-23 21:20 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable bd982b20 |
2014-09-23 21:20 | felixd | Source_changeset_attached | => cacert-devel testserver-stable 408c0384 |
2014-09-23 21:50 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 93cab2be |
2014-09-23 21:50 | felixd | Source_changeset_attached | => cacert-devel testserver-stable de06286a |
2014-09-23 22:01 | felixd | Note Added: 0005025 | |
2014-09-23 22:05 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 3274bb6e |
2014-09-23 22:06 | felixd | Note Added: 0005026 | |
2014-09-23 22:08 | felixd | Test Instructions | => https://bugs.cacert.org/view.php?id=790#c5026 |
2014-09-23 22:08 | felixd | Status | needs work => needs review & testing |
2014-09-23 22:08 | felixd | Product Version | => 2014 Q3 |
2014-09-23 22:08 | felixd | Target Version | => 2014 Q3 |
2014-09-23 22:11 | MartinGummi | Description Updated | |
2014-09-23 22:27 | felixd | Note Added: 0005027 | |
2014-10-07 20:05 | INOPIAE | Note Added: 0005045 | |
2014-10-07 21:17 | BenBE | Reviewed by | => BenBE |
2014-10-07 21:17 | BenBE | Note Added: 0005046 | |
2014-10-07 21:20 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 85c46974 |
2014-10-07 21:20 | felixd | Source_changeset_attached | => cacert-devel testserver-stable 7c3691bc |
2014-10-07 21:20 | felixd | Source_changeset_attached | => cacert-devel testserver-stable 46a2e46f |
2014-10-07 21:20 | felixd | Source_changeset_attached | => cacert-devel testserver-stable c980e162 |
2014-10-07 21:27 | INOPIAE | Note Added: 0005047 | |
2014-11-26 18:50 | StefanT | Note Added: 0005131 | |
2014-11-26 22:39 | BenBE | Assigned To | INOPIAE => NEOatNHNG |
2014-11-26 22:39 | BenBE | Status | needs review & testing => needs review |
2014-12-02 21:54 | MartinGummi | Note Added: 0005154 | |
2014-12-05 00:28 | NEOatNHNG | Reviewed by | BenBE => NEOatNHNG, BenBE |
2014-12-05 00:28 | NEOatNHNG | Note Added: 0005160 | |
2014-12-05 00:28 | NEOatNHNG | Status | needs review => ready to deploy |
2014-12-05 00:35 | NEOatNHNG | Source_changeset_attached | => cacert-devel release 5596d4a3 |
2014-12-05 09:18 | wytze | Note Added: 0005163 | |
2014-12-05 09:18 | wytze | Status | ready to deploy => solved? |
2014-12-05 09:18 | wytze | Fixed in Version | => 2014 Q4 |
2014-12-05 09:18 | wytze | Resolution | open => fixed |
2015-03-10 20:35 | INOPIAE | Status | solved? => closed |