SCEP initial enrollment or renewal testing redesign
commit 3f2b68bd850862faa2d1c83a04a3185bb67aab9d
author alech <alech@95d9436f-6502-0410-902c-bd9569d1a17e>
Tue, 24 Mar 2009 15:20:46 +0000 (24 15:20 +0000)
committer alech <alech@95d9436f-6502-0410-902c-bd9569d1a17e>
Tue, 24 Mar 2009 15:20:46 +0000 (24 15:20 +0000)
tree eee5d61c220d0eef5b2229b6e609806f85ba2ec0
parent 4d7c1b8dc1b0cbc935f3b266e18e903fb23a8aa3
SCEP initial enrollment or renewal testing redesign

Previously, we needed SCEP requests to be signed with a certificate
with the same DN and checked whether it was a renewal (and which
certificate to renew) by looking at (parts of) the subject.

This code was written before we had the concept of certificate
identifiers, which can be used to uniquely identify a given certificate.
The certificate which is to be renewed is now identified by looking at
the certificate identifier of the signature certificate (if this
identifier is not present in the DB, it is obviously an initial
enrollment). This also allows us to be more easy-going with regard to
the subject of the signer - this can be different from the request (but
the client will have to deal with this difference, then).

git-svn-id: https://openxpki.svn.sourceforge.net/svnroot/openxpki@1428 95d9436f-6502-0410-902c-bd9569d1a17e
trunk/deployment/etc/templates/default/workflow_condition.xml
trunk/deployment/etc/templates/default/workflow_def_scep_request.xml
trunk/perl-modules/core/trunk/MANIFEST
trunk/perl-modules/core/trunk/OpenXPKI/Crypto/Backend/OpenSSL/Command/pkcs7_get_chain.pm
trunk/perl-modules/core/trunk/OpenXPKI/Server/Workflow/Condition/InitialEnrollmentOrRenewal.pm
trunk/perl-modules/core/trunk/OpenXPKI/Server/Workflow/Condition/IsValidSignature.pm [moved from trunk/perl-modules/core/trunk/OpenXPKI/Server/Workflow/Condition/IsValidSignatureWithRequestedDN.pm with 83% similarity]
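
The decision described in the commit message, as an added Python example (not OpenXPKI code and not part of this commit): subject matching can return several renewal candidates, while the signer certificate's identifier selects exactly one or none. The identifier scheme (unpadded URL-safe base64 of SHA-1 over the encoded certificate), all function names and the sample records are assumptions made for illustration.

```python
import base64
import hashlib


def cert_identifier(der: bytes) -> str:
    """Assumed scheme: unpadded URL-safe base64 of SHA-1 over the encoded cert."""
    digest = hashlib.sha1(der).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


# Constructed sample data: byte strings stand in for DER-encoded certificates.
OLD_CERT = b"constructed-cert-1:CN=host1.example.org:serial=01"
NEW_CERT = b"constructed-cert-2:CN=host1.example.org:serial=02"
SELF_SIGNED = b"constructed-cert-3:CN=host2.example.org:self-signed"


def build_db(issued):
    """Index issued certificates by identifier (hypothetical certificate table)."""
    return {cert_identifier(der): {"subject": subject, "der": der}
            for subject, der in issued}


def candidates_by_subject(db, subject):
    """Previous approach: look for the certificate to renew via the subject."""
    return sorted(ident for ident, row in db.items() if row["subject"] == subject)


def classify(db, signer_der):
    """New approach: the signer's identifier decides renewal vs. initial enrollment."""
    ident = cert_identifier(signer_der)
    if ident in db:
        return ("renewal", ident)        # exactly this certificate is renewed
    return ("initial_enrollment", None)  # signer unknown to the database


# Two issued certificates share one subject, e.g. an original and its renewal.
DB = build_db([("CN=host1.example.org", OLD_CERT),
               ("CN=host1.example.org", NEW_CERT)])

if __name__ == "__main__":
    print(candidates_by_subject(DB, "CN=host1.example.org"))  # two candidates
    print(classify(DB, NEW_CERT))      # renewal of one specific certificate
    print(classify(DB, SELF_SIGNED))   # initial enrollment
```

The lookup only answers which certificate, if any, the signer corresponds to; it does not verify the signature on the request.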