Bug 1002472

Summary: Client can auto-attach the subscriptions with disabled certv3 from SAM server candlepin.
Product: [Retired] Subscription Asset Manager
Reporter: qianzhan
Component: candlepin
Assignee: Katello Bug Bin <katello-bugs>
Status: CLOSED WONTFIX
QA Contact: SAM QE List <sam-qe-list>
Severity: medium
Priority: unspecified
Version: 1.3
CC: bkearney, gxing, liliu, sgao
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2013-08-29 17:03:23 UTC
Type: Bug
Attachments: 'Screenshot from 2013-08-29 17:36:53.png' (flags: none)

Description qianzhan 2013-08-29 09:50:11 UTC
Description of problem:
Client can auto-attach the subscriptions with disabled certv3 from SAM server candlepin.

Version-Release number of selected component (if applicable):
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.4.2-2.el6sat.noarch
katello-cli-1.4.3-8.el6sat.noarch
katello-cli-common-1.4.3-8.el6sat.noarch
katello-common-1.4.3-9.el6sam_splice.noarch
katello-configure-1.4.4-3.el6sat.noarch
katello-glue-candlepin-1.4.3-9.el6sam_splice.noarch
katello-glue-elasticsearch-1.4.3-9.el6sam_splice.noarch
katello-headpin-1.4.3-9.el6sam_splice.noarch
katello-headpin-all-1.4.3-9.el6sam_splice.noarch
katello-selinux-1.4.4-2.el6sat.noarch
signo-katello-0.0.20-1.el6sat.noarch
candlepin-0.8.21-1.el6sam.noarch
candlepin-scl-1-5.el6_4.noarch
candlepin-scl-quartz-2.1.5-5.el6_4.noarch
candlepin-scl-rhino-1.7R3-1.el6_4.noarch
candlepin-scl-runtime-1-5.el6_4.noarch
candlepin-selinux-0.8.21-1.el6sam.noarch
candlepin-tomcat6-0.8.21-1.el6sam.noarch
thumbslug-0.0.32-1.el6sam.noarch
thumbslug-selinux-0.0.32-1.el6sam.noarch
subscription-manager: 1.8.21-1.el5
python-rhsm: 1.8.17-1.el5

How reproducible:
always

Steps to Reproduce:
1. Disable certv3 support from SAM candlepin.
[root@samserv tmp]# cat /etc/candlepin/candlepin.conf | grep v3
candlepin.enable_cert_v3=false

2. Register client to candlepin with auto-attach option.
[root@dhcp-65-69 ~]# subscription-manager register --auto-attach
Username: admin
Password: 
The system has been registered with ID: 394ee413-4f88-43e8-85ad-a628261d7359 
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status:       Subscribed

3. Check the version of entitlement cert:
[root@dhcp-65-69 ~]# ls /etc/pki/entitlement/
1480191744767772808-key.pem  1480191744767772808.pem

[root@dhcp-65-69 ~]# rct cat-cert /etc/pki/entitlement/1480191744767772808.pem 

+-------------------------------------------+
	Entitlement Certificate
+-------------------------------------------+

Certificate:
	Path: /etc/pki/entitlement/1480191744767772808.pem
	Version: 3.2
	Serial: 1480191744767772808
	Start Date: 2013-06-04 04:00:00+00:00
	End Date: 2014-06-04 03:59:59+00:00
	Pool ID: 8ac28dc740b8b3d40140c8d67e9c0a9f

Subject:
	CN: 8ac28dc740cd94030140cdb5b9e9029b

4. Unregister, Open subscription-manager-gui and register with auto-attach.
Registration and auto-attach are successful. Please see attachment 'Screenshot from 2013-08-29 17:36:53.png'

5. Check the version of entitlement cert:
[root@dhcp-65-69 ~]# ls /etc/pki/entitlement/
1825428854082496952-key.pem  1825428854082496952.pem
[root@dhcp-65-69 ~]# rct cat-cert /etc/pki/entitlement/1825428854082496952.pem 

+-------------------------------------------+
	Entitlement Certificate
+-------------------------------------------+

Certificate:
	Path: /etc/pki/entitlement/1825428854082496952.pem
	Version: 3.2
	Serial: 1825428854082496952
	Start Date: 2013-06-04 04:00:00+00:00
	End Date: 2014-06-04 03:59:59+00:00
	Pool ID: 8ac28dc740b8b3d40140c8d67edf0ac4

Subject:
	CN: 8ac28dc740cd94030140cdb9491402a7


Actual results:
As above.

Expected results:
Client could not auto-attach the subscriptions with disabled certv3 from SAM server candlepin.

Additional info:

Comment 1 qianzhan 2013-08-29 09:53:27 UTC
Created attachment 791663
'Screenshot from 2013-08-29 17:36:53.png'

Comment 2 Bryan Kearney 2013-08-29 17:03:23 UTC
This setting is now ignored since the assumption is that all candlepins which are out can handle the certificates correctly.
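
The manual check in steps 1, 3 and 5 of the description, scripted as an added example (not part of the bug report and not code from Candlepin or subscription-manager): it compares the server's candlepin.enable_cert_v3 value with the Version field printed by rct cat-cert. The function names, and the rule that a major version of 3 or higher means a v3-format certificate, are assumptions of this example.

```shell
#!/bin/sh
# Added example: script the manual check from steps 1, 3 and 5 of the report.

# Values copied from the report: step 1 (candlepin.conf) and step 3 (rct cat-cert).
SAMPLE_CONF='candlepin.enable_cert_v3=false'
SAMPLE_CERT='Certificate:
	Path: /etc/pki/entitlement/1480191744767772808.pem
	Version: 3.2
	Serial: 1480191744767772808'

# Read candlepin.conf text on stdin; print the enable_cert_v3 value, or "unset".
conf_v3_setting() {
    awk -F= '
        /^[ \t]*#/ { next }                      # skip commented-out settings
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "candlepin.enable_cert_v3" {
            val = $2; gsub(/[ \t\r]/, "", val); found = tolower(val)
        }
        END { if (found == "") found = "unset"; print found }'
}

# Read `rct cat-cert <file>` output on stdin; print the first Version field.
cert_version() {
    awk '$1 == "Version:" { print $2; exit }'
}

# Compare setting and version. Returns 0 = consistent, 1 = v3 certificate
# issued although v3 is disabled, 2 = version missing or not numeric.
# Assumption: a major version >= 3 denotes the v3 certificate format.
check_cert_against_setting() {
    want=$1; ver=$2; major=${ver%%.*}
    case $major in
        ''|*[!0-9]*) echo "UNKNOWN: no usable Version field ('$ver')"; return 2 ;;
    esac
    if [ "$want" = "false" ] && [ "$major" -ge 3 ]; then
        echo "MISMATCH: v$ver certificate issued while candlepin.enable_cert_v3=false"
        return 1
    fi
    echo "OK: v$ver certificate, candlepin.enable_cert_v3=$want"
}

# Demo on the report's own values. On a live system, feed the functions from
# /etc/candlepin/candlepin.conf (server) and `rct cat-cert <file>` (client).
v3_setting=$(printf '%s\n' "$SAMPLE_CONF" | conf_v3_setting)
cert_ver=$(printf '%s\n' "$SAMPLE_CERT" | cert_version)
check_cert_against_setting "$v3_setting" "$cert_ver" || echo "exit status: $?"
```

Per Comment 2, a MISMATCH result on this Candlepin version reflects the setting being ignored by design rather than a misissued certificate.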