I tested myself by pointing to mharmsen's system, seems to work fine.
Conditional ACK on the patch, just remove some of the entries in we were not
sure
you needed. We tested with just the bare minimum and it works.
----- Original Message -----
From: "Matthew Harmsen" <mharm...@redhat.com>
To: "pki-devel" <pki-devel@redhat.com>
Sent: Tuesday, May 3, 2016 11:42:02 AM
Subject: [Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue
Please review the attached patch which addresses:
* PKI TRAC Ticket #1669 - adminEnroll servlet EnrollSuccess.template
succeeds but fails on import into browser
This was tested on Fedora 23 by doing the following:
* installed and configured a CA
* Successfully tested enrollment in a browser after importing the original
Admin certificate
* systemctl stop pki-tomcatd@pki-tomcat.service
* edited /etc/pki/pki-tomcat/ca/CS.cfg to set:
* ca.Policy.enable=true
* cmsgateway.enableAdminEnroll=true
* systemctl start pki-tomcatd@pki-tomcat.service
* created a new Firefox profile
* traversed to the EE page, went to the Retrieval tab, imported the CA
cert, and trusted it
* within this new profile, traversed to
https://pki.example.com:8443/ca/admin/ca/adminEnroll.html , and filled out the
form
* with this patch installed, it should generate a new admin certificate and
import it successfully into this new profile -- to check, attempt to use the
imported admin certificate to traverse to the Agents page
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
