View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007509 | Compliance Test Tool (CTT) Unified Architecture | 5 - General Problem | public | 2021-12-31 17:10 | 2022-01-29 14:27 |
Reporter | Martin Regen | Assigned To | Alexander Allmendinger | ||
Priority | normal | Severity | block | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.04.09.398 | ||||
Fixed in Version | 1.03.341.401 | ||||
Summary | 0007509: CTT creates Root CA certs with serialnumber 0, not accepted by Windows as valid Root CA | ||||
Description | The CTT creates root CA and Sub CA certificates with serialnumber 0. The chain is not accepted by the Windows X509Chain validator, causes e.g. test 02 to fail because of BadCertificateInvalid error. https://cabforum.org/2016/03/31/ballot-164/ some explanation here: | ||||
Steps To Reproduce | Load cert chain with 3 members in windows user store, e.g. as in the picture below . Check the cert chain. Root cert is disconnected from sub. With the simple fix in the script, all is good. echo 00 >"%G_CA_SERIAL_NUMBER_LOCATION%" with openssl rand -hex 16 > "%G_CA_SERIAL_NUMBER_LOCATION%" | ||||
Additional Information | see picture of cert chain before and after | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Files Affected | |||||
|
Verified requirements for the serial number in the certificates which are correct. |
|
reviewed uin extra call, agreed and closed |
Date Modified | Username | Field | Change |
---|---|---|---|
2021-12-31 17:10 | Martin Regen | New Issue | |
2021-12-31 17:10 | Martin Regen | File Added: image.png | |
2021-12-31 17:10 | Martin Regen | File Added: image-2.png | |
2022-01-03 11:23 | Alexander Allmendinger | Assigned To | => Alexander Allmendinger |
2022-01-03 11:23 | Alexander Allmendinger | Status | new => resolved |
2022-01-03 11:23 | Alexander Allmendinger | Resolution | open => fixed |
2022-01-03 11:23 | Alexander Allmendinger | Fixed in Version | => 1.03.341.401 |
2022-01-03 11:23 | Alexander Allmendinger | Note Added: 0015656 | |
2022-01-04 06:28 | Paul Hunkar | Description Updated | |
2022-01-04 06:28 | Paul Hunkar | Steps to Reproduce Updated | |
2022-01-29 14:26 | Paul Hunkar | Note Edited: 0015656 | |
2022-01-29 14:27 | Paul Hunkar | Status | resolved => closed |
2022-01-29 14:27 | Paul Hunkar | Note Added: 0015891 |