Bug #46557
Fix serial issue in certificate chain
Seen in:
Severity:
Med High
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No
Description
Serials are not unique in a chain which results in certificate being rejected by Firefox
Risk
We risk breaking the serial functionality as a whole which will cause issues within chains of certs as they might get rejected because of invalid serial values
Acceptance Criteria
A CA should be made first, let's say it is 'ca1'. Then we make an intermediary CA with name 'ca2'. Finally we make a certificate using 'ca2'. Now when we do a midclt call for each of these 3 certs, each should have a unique serial number
Associated revisions
Fix serial issue in crypto plugin
This commit fixes a bug which caused serials among a chain to be repeated resulting in issues with acceptance of the chain.
Ticket: #46557
History
#1
Updated by Waqar Ahmed about 2 years ago
Updated by Waqar Ahmed - Status changed from Unscreened to In Progress
#2
Updated by Bug Clerk about 2 years ago
Updated by Bug Clerk - Status changed from In Progress to Ready for Testing
#3
Updated by Dru Lavigne about 2 years ago
Updated by Dru Lavigne - Needs Doc changed from Yes to No
- Needs Merging changed from Yes to No
#4
Updated by Dru Lavigne almost 2 years ago
- Subject changed from Fix serial issue in crypto plugin to Fix serial issue in certificate chain
#5
Updated by Bonnie Follweiler almost 2 years ago
Updated by Bonnie Follweiler - Status changed from Ready for Testing to Passed Testing
- Needs QA changed from Yes to No
#7
Updated by Dru Lavigne almost 2 years ago
- Status changed from Passed Testing to Done