On 1/10/2013 7:52 AM, Endi Sukma Dewata wrote:
The certificate REST service has been modified to validate
nonce when revoking a certificate.
Ticket #213
I retested the patch, it works as expected with nonces enabled & disabled.
In most cases you'll get a proper error message (e.g. You did not
provide a valid certificate) if you don't provide the required client
cert. The only thing is that if you do a cert-request-approve using
username & password you'll get an internal error, but this is an
existing problem and we don't support that scenario.
--
Endi S. Dewata