On Tue, Apr 07, 2015 at 12:18:24PM -0500, Steve Neuharth wrote:
> yes, the certificate in the request file has a newline after the
> certificate data:
>
> cert=-----BEGIN CERTIFICATE-----
> MIIDajCCAlKgAwIBAgIBIDANBgkqhkiG9w0BAQsFADBEMSEwHwYDVQQKDBh0ZXN0
> ...cert data...
> lRCw27w7Yw/JUMqJYoE=
> <---- extra newline
> -----END CERTIFICATE-----
>
>
> Looks like that's the problem. When I make a similar request using cURL, I
> don't get the '\n' in the xml so it must be an error in parsing the xml
> response inside dogtag-submit. I've also tried the v77.1-1 rpm from rawhide
> and I get the same behavior.
Hmm, I'm testing with 0.77.1 and pki-ca-9.0.3-38.el6_6 (you're on Fedora
IIRC, so it's not exactly the same, but I don't have an F21 box handy
ATM), and the data's getting cleaned before it's saved there.
Did you start with an older version and update after dogtag-submit had
finished its work? The newer daemon wouldn't have been in a position to
clean up the data it got from the helper in that case.
Nalin