certmonger

#259 Add new certs to internal token, try harder to remove on renewal
Merged by rcritten. Opened by rcritten.
rcritten/certmonger issue_258  into  master

When using a hardware token the certificate will appear twice:
- on the hardware token
- on the internal token as a placeholder for trust

When renewing a certificate be sure to put a copy of the new
certificate onto the internal token to store that trust.

Similarly when a new certificate is added ensure that any old
certificates with the same nickname are removed. This needs to
span all tokens.

SEC_DeletePermCertificate() will not necessarily remove the
certificate on the token it is in so do multiple passes of
"find the certificate" to ensure all copies are removed.

Fixes: https://pagure.io/certmonger/issue/258

Signed-off-by: Rob Crittenden rcritten@redhat.com

rebased onto 8c1a5a063d3fa8794a181f2d33b8623be5430a90

rebased onto 0277286dd53ddbd9acbf3a317bcc8939ed01278b

rebased onto a31209b5bc108c70a4b705546d00912ea11bda97

Pull-Request has been merged by rcritten
Metadata
None
No Tags
Changes Summary 1
+99 -4
file changed
src/certsave-n.c
Static archive. pagure.io was sunset in 2026; this is a read-only snapshot.
Red Hat Logo

Fedora is sponsored by Red Hat. Learn more about the relationship between Red Hat and Fedora »

© Red Hat, Inc. and others.