I tested myself by pointing to mharmsen's system, seems to work fine. Conditional ACK on the patch, just remove some of the entries in we were not sure you needed. We tested with just the bare minimum and it works.
----- Original Message ----- From: "Matthew Harmsen" <[email protected]> To: "pki-devel" <[email protected]> Sent: Tuesday, May 3, 2016 11:42:02 AM Subject: [Pki-devel] [PATCH] Fixed adminEnroll servlet browser import issue Please review the attached patch which addresses: * PKI TRAC Ticket #1669 - adminEnroll servlet EnrollSuccess.template succeeds but fails on import into browser This was tested on Fedora 23 by doing the following: * installed and configured a CA * Successfully tested enrollment in a browser after importing the original Admin certificate * systemctl stop [email protected] * edited /etc/pki/pki-tomcat/ca/CS.cfg to set: * ca.Policy.enable=true * cmsgateway.enableAdminEnroll=true * systemctl start [email protected] * created a new Firefox profile * traversed to the EE page, went to the Retrieval tab, imported the CA cert, and trusted it * within this new profile, traversed to https://pki.example.com:8443/ca/admin/ca/adminEnroll.html , and filled out the form * with this patch installed, it should generate a new admin certificate and import it successfully into this new profile -- to check, attempt to use the imported admin certificate to traverse to the Agents page _______________________________________________ Pki-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-devel _______________________________________________ Pki-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/pki-devel
