Details
-
Bug
-
Resolution: Done
-
Major
-
RH-SSO-7.0.0.GA
-
None
-
None
Description
Uploading certificate to /upload-certificate updates the certificate for client but does not nullify any previous private key.
There should be another line in this code block:
client.removeAttribute(privateAttribute);
Additionally, the endpoint returns information extracted from uploaded certificate, rather than the new state of certificate - the same information received when calling GET /auth/admin/realms/
{realm}/clients/
{id}/certificates/
{attr}, which I would intuitively expect.
But I guess that's intentional, and should be pointed out in JavaDoc.