Commit graph

3 commits

Author SHA1 Message Date
Victor Lyuboslavsky
4457459422
Wait for CERT_INSTALL delegation to be available before attempting certificate enrollment (#43065)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #43064 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **New Features**
* Certificate enrollment now verifies system delegation availability
before attempting installation, preventing unnecessary failures.

* **Bug Fixes**
* Enhanced error messages to include specific certificate alias and
delegation status information for better troubleshooting.
* Improved handling of system state exceptions during the enrollment
process.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-07 11:16:02 -05:00
Victor Lyuboslavsky
edfa694ac2
Fixed certificate template fetch failing with DNS errors (and other issues) (#42625)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #42624
**Related issue:** Resolves #37546

- Fixed certificate template fetch failing with DNS errors (known
Android issue)
- stop polling certs that failed permanently
- CertificateOrchestrator: When server returns template status "failed",
mark the certificate as locally failed (markCertificateForceFailed) and
stop polling
- CertificateOrchestrator: Non-retryable SCEP failures (e.g.
ScepEnrollmentException) now immediately mark as failed and report to
server, skipping the 3-attempt retry logic
- CertificateOrchestrator: recordEnrollmentAttemptFailure now stores the
uuid, fixing a bug where the FAILED guard was bypassed because stored
uuid was empty
- CertificateOrchestrator: Renamed markCertificateFailure to
recordEnrollmentAttemptFailure and added markCertificateForceFailed for
clarity

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Bug Fixes**
* Fixed certificate template retrieval failures that displayed
misleading DNS errors. Optimized HTTP request header handling for GET
requests to prevent these errors during certificate enrollment
operations.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-02 10:44:50 -05:00
Dante Catalfamo
6bf3014889
Make certificate list scrollable (#41891)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->

Resolves #39014

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] QA'd all new/changed functionality manually

<img width="1080" height="2400" alt="image"
src="https://github.com/user-attachments/assets/2ab7c440-9e0b-4676-b024-a8e2fbe934f1"
/>
<img width="1080" height="2400" alt="image"
src="https://github.com/user-attachments/assets/1b3284b3-43f2-4a0f-9609-dc20f6745518"
/>
2026-03-20 10:43:57 -04:00