Please review the attached patch which addresses the following PKI
TRAC Ticket:
Detailed testing instructions for this patch are documented
within the TRAC Ticket.
CAVEATS:
- For the CA, KRA, OCSP, and TKS, the following is Firebug
warning (yellow) is expected behavior on newer versions of
Firefox:
CONFIGURATION PANEL: Import CA's Certificate
Chain
FIREBUG CONSOLE: (red - error)
Blocked loading mixed active content "http://server.example.com:8080/ca/ee/ca/getCAChain?op=download&mimeType=application/x-x509-ca-cert"
...p://server.example.com:8080/ca/ee/ca/getCAChain?op=download&mimeType=applic...
FIREFOX BROWSER:
Click on the 'shield' icon in the URL line and select
'Disable protection on this page' from the pull down menu;
follow the dialog boxes to resend the page, and mark all three
trust checkboxes in the pop-up trust dialog as per usual.
FIREBUG CONSOLE: (yellow - warning)
! Loading mixed (insecure) active content on a secure page
"http://server.example.com:8080/ca/ee/ca/getCAChain?op=download&mimeType=application/x-x509-ca-cert"
...p://server.example.com:8080/ca/ee/ca/getCAChain?op=download&mimeType=applic...
wizard (line 210)
- For the CA, the following Firebug 404 error (or something
similar) generally shows up when 'View Server Statistics' is
selected on the CA AGENT PAGE (https://server.example.com:8443/ca/agent/ca/getStats)
yet this variable appears to be defined in the referenced
javascript, and everything appears to still work:
FIREBUG CONSOLE: (red - error)
TypeError: result.recordSet[i] is undefined
if (result.recordSet[i].name.charAt(0) == '-') {
getStats (line 160)