[Pki-devel] [PATCH] Ticket-2617-part2-add-revocation-check-to-signing-ce.patch

This patch adds the missing revocation check (and possibly validity check) to https://pagure.io/dogtagpki/issue/2617 Allow CA to process pre-signed CMC non-signing certificate requests The code that CMCUserSignedAuth originated from, CMCAuth, has a confusing comment where it states: // verify signer's certificate using the revocator right above the CryptoManager.isCertValid() call. Which mislead me into believing that the call checks for revocation status. During work for CMC revocation (upcoming patch), I found out that is not entirely the case. The call does not check for revocation status when I used a revoked cert to sign the cmc request. I am adding revocation and validity checks to make sure that the check is more complete. thanks, Christina