Re: [Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue

I tested myself by pointing to mharmsen's system, seems to work fine. Conditional ACK on the patch, just remove some of the entries in we were not sure you needed. We tested with just the bare minimum and it works. ----- Original Message ----- From: "Matthew Harmsen" <mharmsen(a)redhat.com&gt; To: "pki-devel" <pki-devel(a)redhat.com&gt; Sent: Tuesday, May 3, 2016 11:42:02 AM Subject: [Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue Please review the attached patch which addresses: * PKI TRAC Ticket #1669 - adminEnroll servlet EnrollSuccess.template succeeds but fails on import into browser This was tested on Fedora 23 by doing the following: * installed and configured a CA * Successfully tested enrollment in a browser after importing the original Admin certificate * systemctl stop pki-tomcatd(a)pki-tomcat.service * edited /etc/pki/pki-tomcat/ca/CS.cfg to set: * ca.Policy.enable=true * cmsgateway.enableAdminEnroll=true * systemctl start pki-tomcatd(a)pki-tomcat.service * created a new Firefox profile * traversed to the EE page, went to the Retrieval tab, imported the CA cert, and trusted it * within this new profile, traversed to https://pki.example.com:8443/ca/admin/ca/adminEnroll.html , and filled out the form * with this patch installed, it should generate a new admin certificate and import it successfully into this new profile -- to check, attempt to use the imported admin certificate to traverse to the Agents page _______________________________________________ Pki-devel mailing list Pki-devel(a)redhat.com https://www.redhat.com/mailman/listinfo/pki-devel