New issue
Advanced search Search tips

Issue 845501 link

Starred by 4 users
Status: Assigned
Owner:
marcuskoehler@chromium.org
Cc:
hendrich@chromium.org
emaxx@chromium.org
pmarko@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Feature



Sign in to add a comment

[FR] Support Key Based Renewal in the Certificate Enrollment for Chrome OS Extension

Project Member Reported by kaned@google.com, May 22 2018 
Currently when a client cert expires the Certificate Enrollment for Chrome OS Extension prompts the user to authenticate and enroll for a new cert.
In certain circumstances this is not a desirable flow (kiosk or public session as an example).

CEP/CES supports Key Based Renewal (https://blogs.technet.microsoft.com/askpfeplat/2013/06/30/server-2012-pki-key-based-renewal-explained/) which provides the ability to automate certificate renewal without requiring user interaction.

This FR is to support PKI Key Based Renewal in the Certificate Enrollment for Chrome OS Extension

Comment 1 by rsleevi@chromium.org, May 22 2018

Components: -Internals>Network>Certificate
Removing Internals>Network>Certificate, since this doesn't affect the Chromium PKI stack.

Comment 2 by emaxx@chromium.org, May 25 2018

Cc: pmarko@chromium.org hendrich@chromium.org emaxx@chromium.org
Owner: dskaram@chromium.org
Status: Assigned (was: Unconfirmed)
Is this related to b/72028557?

Comment 3 by kaned@google.com, May 25 2018 

Thanks, yes b/72028557 sounds similar.
In this particular use case the customer is ok with manually enrolling for the initial cert (as part of an device setup flow) but wants cert renewal to be automated.

Comment 4 by dskaram@chromium.org, Aug 23

Owner: marcuskoehler@chromium.org

Comment 5 by marcuskoehler@chromium.org, Sep 18

Labels: Hotlist-Enterprise-Networking

Sign in to add a comment