Hi, updated packages as well as a new docker container are online.
Oliver Am 09.03.22 um 14:17 schrieb Jeroen Lamain via OpenXPKI-users: > > Hi Oli, > > > > Nice, thanks. Will the whiterabbitsecurity/openxpki3:latest docker > image also be updated? > > > > Best regards, > > Jeroen > > > > > > *From:*Oliver Welter <[email protected]> > *Sent:* woensdag 9 maart 2022 08:41 > *To:* [email protected] > *Subject:* Re: [OpenXPKI-users] enroll certificate with > auto_revoke_existing_certs option > > > > Hi Jeroen, > > > > this is bug caused by a regression problem by an underlying library - > we will ship an updated package by the end if the week latest. > > > > Oli > > > > Am 08.03.22 um 15:54 schrieb Jeroen Lamain via OpenXPKI-users: > > Hi all, > > > > I’m using EST to enroll a new certificate. That works OK. > > After the first certificate, for testing purposes, I’m trying to > enroll a new certificate with an already used Common Name. > > (the common name is filled in with a unique device id) > > > > When using these options it works as expected, i.e. it generates a > "400 Bad Request" mentioning that a certificate for that CN > already exists: > > max_active_certs:1 > > auto_revoke_existing_certs:0 > > > > However, when using these options: > > max_active_certs:1 > > auto_revoke_existing_certs:1 > > > > The EST endpoint returns a 500 Unexpected Response from backend. > > The new certificate is correctly issued (but not returned). > > Apparently, it started to revoke the old certificate, but 'crashed': > > > > I get an error revoking the previous certificate: > > 2022/03/08 15:19:47 openxpki.application.WARN > I18N_OPENXPKI_UI_ERROR_VALIDATOR_INVALIDITYTIME_INVALID_IDENTIFIER > > [pid=106|user=Anonymous|role=System|sid=BL+J|wftype=certificate_revocation_request_v2|wfid=8703] > > 2022/03/08 15:19:47 OpenXPKI.Server.Workflow.ERROR Caught > exception from action: > I18N_OPENXPKI_UI_ERROR_VALIDATOR_INVALIDITYTIME_INVALID_IDENTIFIER; > reset workflow to old state > 'REVOKE_CERTS_ENROLL_GET_NEXT_CERT_TO_REVOKE_0' > > [pid=106|user=Anonymous|role=System|sid=BL+J|wftype=certificate_revocation_request_v2|wfid=8703] > > 2022/03/08 15:19:47 openxpki.workflow.DEBUG Executing database > ROLLBACK (requested by workflow engine) > > [pid=106|user=Anonymous|role=System|sid=BL+J|wftype=certificate_revocation_request_v2|wfid=8703] > > > > When looking in the UI, the message suggest that the certificate > ID is incorrect, but when I look in the workflow context, the > certificate id’s point to the correct ids (cert_identifier to the > new, revoke_cert_identifier to the old), and they can be clicked. > > According to the logs, the problem has something to do with > "INVALIDITYTIME" though. > > > > Note that it is possible to 'manually' revoke the certificate > using the UI. > > > > How can I solve/debug this error? > > > > Best regards, > > > > Jeroen > > > > > _______________________________________________ > > OpenXPKI-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/openxpki-users > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fopenxpki-users&data=04%7C01%7C%7C4e4cbf38c58a4699ad3608da01a0a102%7Cd943c27450b54a448dd8fadde63efa3c%7C0%7C0%7C637824086654531583%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tru87JRmfkqgnFIrj8T5GHQzKX7mYU5o2bFjbvjcxUY%3D&reserved=0> > > > > -- > Protect your environment - close windows and adopt a penguin! > > > _______________________________________________ > OpenXPKI-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin!
_______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
