17.54 KB, patch
|Details | Diff | Splinter Review|
I have setup a CMS4.2SP2, and have installed NS6.1PR1. I went to CMS's end-user Retrieval > Import CA Certificate Chain page. And Selected "Import the CA Certificate chain into your browser". Now, this is a subordinate CA. Its chains contains the subordinate CA's certificate and also the root CA's certificate. PSM only imported the subordinate-CA certificate. (FYI, the old browser, communicator 4.7 without PSM would only import the root certificate). The correct behaviour is to import both certificates.
Assignee: ssaux → javi
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P1
Target Milestone: --- → 2.1
junruh. We don't seem to have a certificate chain on your test environment that has more than one level. P1 t->2.1 ->javi
Reporter, can you try this again with today's build? I believe that this was fixed with bug 84201.
Just setup a sub ca, and use the latest PSM (07-20). Problem persists. http://184.108.40.206:1024/GetCAChain.html
I've added a test to import a subordinate root CA at http://junruh.mcom.com/tests.html under "Get Roots CAs"
adding nsenterprise to all P1, P2 PSM bugs with target milestone of 2.1
The test site is no longer up, can we get a permanent test site deplyed to test against?
Mass assigning QA to ckritzer.
QA Contact: junruh → ckritzer
We've got an internal site that has a multiple cert chain. http://juggler.red.iplanet.com:81/ This is how I see the bug right now: CMS sends us PKCS 7 signed blob, but sends the mime type of application/x-x509-ca-cert. PSM interprets this to mean only *one* CA is about to be delivered. Is the application/x-x509-ca-cert always a PKCS7 Signed blob? If so, then we have to make our code smarter. If not, then there's a bigger problem that will required changes to both CMS and the client.
Created attachment 46152 [details] [diff] [review] Patch to enable downloading multiple CA's in one blob.
adding review keyword.
Have been trying to get this super reviewed since Friday. Just sent a request to tor asking for a review.
patch checked in.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED
Marking VERIFIED FIXED on: - MacOS91 2001-08-22-08-trunk (commercial) - MacOS_X 2001-08-22-05-trunk (mozilla) - LinRH62 2001-08-22-08-trunk (commercial) - Win98SE 2001-08-22-06-trunk (commercial)
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.