Bug 1024445
Summary: | IPA admin cert is created with SHA1 signing algorithm, should be SHA256 | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Asha Akkiangady <aakkiang> | |
Component: | pki-core | Assignee: | Ade Lee <alee> | |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Asha Akkiangady <aakkiang> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | medium | |||
Version: | 7.0 | CC: | alee, cfu, nkinder, nsoman, xdong | |
Target Milestone: | rc | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | pki-core-10.0.5-2.el7 | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1024461 1024462 (view as bug list) | Environment: | ||
Last Closed: | 2014-06-13 12:29:48 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1024461, 1024462 |
Description
Asha Akkiangady
2013-10-29 16:34:52 UTC
Fixed in 10.0.6: 3cdb23de2802cf12a1d5981e8b94b1d1bc0f8e8a Verified using ipa-server-3.3.3-13.el7.x86_64, pki-core-10.0.5-3.el7 Verified - Admin/agent cert is created with SHA256 signing algorithm. # cat /etc/pki/pki-tomcat/ca/CS.cfg | grep ca.signing.defaultSigningAlgorithm ca.signing.defaultSigningAlgorithm=SHA256withRSA # vim /var/log/pki/pki-tomcat/ca/debug <..snip..> [24/Jan/2014:12:46:50][http-bio-8443-exec-3]: Creating local certificate... issuerdn=cn=Certificate Authority,O=TESTRELM.COM [24/Jan/2014:12:46:50][http-bio-8443-exec-3]: Creating local certificate... dn=cn=ipa-ca-agent,O=TESTRELM.COM [24/Jan/2014:12:46:50][http-bio-8443-exec-3]: Cert Template: [ Version: V3 Subject: CN=ipa-ca-agent,O=TESTRELM.COM Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: algorithm = RSA, unparsed keybits = 30 82 01 0A 02 82 01 01 00 AC A6 CA 24 DF 4C 08 9D 37 03 2B 9A 5B FB F6 16 1C 71 A3 7A 47 9C D6 F4 79 27 2C B4 CA 2B D7 E8 FE 99 0E 21 AA 03 04 83 75 7F 07 59 88 1E 5C 12 DC 52 43 01 80 A7 8D 7E BA 2C FB BE 5F 90 45 59 E6 6D 7F BB 9B 45 1D B4 B1 79 99 53 59 64 6A 23 77 56 C9 06 AA 73 FB 50 80 2D 1F 42 52 DA 22 52 34 65 DC 99 DE 1E D6 1A E5 FC E0 83 05 27 7F DD 8A 5C E4 26 59 AC C8 6A 33 A2 7B 47 65 77 33 EB DA 40 6C E1 92 B7 82 F8 02 E5 73 46 AB 44 26 0B EA 3B 2A FC F5 A1 AE 45 A5 B3 E6 63 23 F5 19 42 7A C9 4D 53 33 8E BC 47 F9 07 5B 4B 19 E2 53 B3 8E 45 7F 3E BA 24 2E E0 8D 94 C3 AD 3C E6 62 13 0C E9 15 93 D2 1B E5 11 F7 F1 41 10 A1 70 C4 C9 AA 3A 01 17 6B FE B7 F9 53 FC 93 D0 43 2B E7 16 41 EC EE 7F 3A 19 C7 38 A4 75 73 7C 4C 05 10 D5 71 7D D4 B3 03 B7 6E 4F DB E4 79 0B 28 57 59 31 02 03 01 00 01 Validity: [From: Fri Jan 24 12:46:50 EST 2014, To: Fri Jan 24 12:46:50 EST 2014] Issuer: CN=Certificate Authority,O=TESTRELM.COM SerialNumber: [ 06] ] [24/Jan/2014:12:46:50][http-bio-8443-exec-3]: CertUtil: createLocalRequest for serial: 6 <..snip..> This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |