  1. CORDA-2701

The crlCheckSoftFail option is not respected, allowing transactions even if strict checking is enabled

    Details

    • Type: Bug
    • Status: Done
    • Priority: High
    • Resolution: Done
    • Affects versions: Corda 4, Corda Enterprise 4 RC04
    • Fix versions: Corda 4.1
    • Components: None
    • Labels:
      None

      Description

      If the crlCheckSoftFail option is set to false in the node configuration, then communication between nodes should not occur if there is a failure in retrieving the CRL for any of the certificates in the certificate hierarchy. This should block flows from succeeding if they involve more than one party and there are any invalid CRLs anywhere in the hierarchy for either node.

      However, currently this does not occur, and communication between nodes will succeed if the tlsCertCrlDistPoint configuration item is set to an invalid URL, even if crlCheckSoftFail is set to false. The reason for this is that the AMQPConfiguration interface provides a default crlCheckSoftFail property that is always true, and this is not overridden somewhere.

      The easiest way to reproduce this is to follow the steps in this test case up to the point where flows are run, with the following additional steps:

      • Update the node.conf in bankA and boc with new tlsCertCrlDistPoint values that point to an invalid URL, before registering these nodes with the network.
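
      The defect class described above, as an added example that is not part of the original ticket and is not Corda's code: an interface-level default of true leaves revocation checking fail-open whenever an implementation does not forward the operator's setting. NodeConf, MessagingConfig, both implementations and buildRevocationChecker are hypothetical names, and the use of the JDK's PKIXRevocationChecker is an assumption made for illustration.

```kotlin
import java.security.cert.CertPathValidator
import java.security.cert.PKIXRevocationChecker
import java.security.cert.PKIXRevocationChecker.Option
import java.util.EnumSet

// Hypothetical stand-ins for the node configuration and the messaging-layer
// configuration interface. Names and shapes are assumptions, not Corda's code.
data class NodeConf(val crlCheckSoftFail: Boolean)

interface MessagingConfig {
    // Interface-level default: an implementation that does not override this
    // silently gets soft-fail (fail-open) revocation checking.
    val crlCheckSoftFail: Boolean get() = true
}

// Buggy wiring: the operator's setting is accepted but never forwarded.
class BuggyMessagingConfig(node: NodeConf) : MessagingConfig

// Fixed wiring: the operator's setting overrides the interface default.
class FixedMessagingConfig(node: NodeConf) : MessagingConfig {
    override val crlCheckSoftFail: Boolean = node.crlCheckSoftFail
}

// Builds a JDK PKIX revocation checker from the effective setting.
// SOFT_FAIL tells the checker to ignore network failures while fetching
// revocation data, so an unreachable CRL URL no longer rejects the peer.
fun buildRevocationChecker(config: MessagingConfig): PKIXRevocationChecker {
    val checker = CertPathValidator.getInstance("PKIX").revocationChecker as PKIXRevocationChecker
    val options = EnumSet.of(Option.PREFER_CRLS)
    if (config.crlCheckSoftFail) options.add(Option.SOFT_FAIL)
    checker.options = options
    return checker
}

fun main() {
    // Constructed sample input: an operator asking for strict CRL checking.
    val strict = NodeConf(crlCheckSoftFail = false)
    val buggy = buildRevocationChecker(BuggyMessagingConfig(strict)).options
    val fixed = buildRevocationChecker(FixedMessagingConfig(strict)).options
    println("buggy wiring: $buggy")
    println("fixed wiring: $fixed")
    // The buggy wiring still soft-fails despite the strict setting.
    check(Option.SOFT_FAIL in buggy)
    // Regression check for the fix: strict config must never yield SOFT_FAIL.
    check(Option.SOFT_FAIL !in fixed)
}
```

      A regression test of this shape, asserting on the effective revocation options rather than on the parsed configuration, catches the case where the setting is read correctly but never reaches the TLS layer.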

            People

            • Assignee:
              james.higgs James Higgs
              Reporter:
              james.higgs James Higgs