Bug 1115993

Summary: [engine-setup] websocket proxy CSR should be saved also on filesystem
Product: [Retired] oVirt Reporter: Jiri Belka <jbelka>
Component: ovirt-engine-coreAssignee: Simone Tiraboschi <stirabos>
Status: CLOSED CURRENTRELEASE QA Contact: Jiri Belka <jbelka>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.5CC: alonbl, bugs, didi, gklein, iheim, lveyde, rbalakri, sbonazzo, stirabos, yeylon
Target Milestone: ---   
Target Release: 3.5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: integration
Fixed In Version: ovirt-3.5.0_rc2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1118328 (view as bug list) Environment:
Last Closed: 2014-10-17 12:21:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1116017    

Description Jiri Belka 2014-07-03 13:14:44 UTC 
Description of problem:
websocket proxy CSR should be saved also on filesystem. why?

1. i don't like copy & paste ..or.. i just used vnc/whatever and copy&paste is not working
2. i lost login session and history with CSR is lost

Version-Release number of selected component (if applicable):
ovirt-engine-setup-base-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-common-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-websocket-proxy-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-3.5.0-0.0.master.20140629172257.git0b16ed7.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. engine-setup
2. find /etc/pki/ovirt-engine /etc/ovirt-engine
3.

Actual results:
CSR is not saved on the disk

Expected results:
should be saved there as a backup

Additional info:
Comment 1 Alon Bar-Lev 2014-07-31 14:07:41 UTC 
just to make sure, the csr will be saved in addition to presenting it at the local host at /tmp not at /etc or any persistent location. the file at /tmp must be unique to avoid naming attacks.
Comment 2 Jiri Belka 2014-09-25 12:45:40 UTC 
ok, rhevm-setup-plugin-websocket-proxy-3.5.0-0.13.beta.el6ev.noarch

# engine-setup
...         
          The certificate signing request is available at:
          /tmp/tmpuy6z8a
...

# openssl req -in /tmp/tmpuy6z8a -verify
verify OK
-----BEGIN CERTIFICATE REQUEST-----
MIICRDCCASwCADAAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LWm
fcbHp8ZgKaNrK5GO/rzfyyw8aS7FLahnF9WXxHQVEa449kw7dwnLuyyZ0Mw6cizc
O1grYLNpArOpWDqpTy89W3RjkcnVH3l5moe0Gx6D641JnUvR3nZysVJEyGAL92aJ
9UclLR7G00TeZn4HZ2EP3ssAnyda9Ru4vIhzXfNqRZ7XFKq6MxeNtJCMtruy30X3
Zitkl7HRHXpNk1y0jBr3rv8yUTPIQUvnU6hKb1aBI/RJPQm/IP8SVbmxyGPH/TqW
nNBWArSqeUcevYsyc2CCFx0Azade2Qvly9kdOTzbykqJ24/3Hne8rmhZEwwq/Fd4
b/2ATi331qkIJ1egbQIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAEhLMSNUyNjF
O9YTaHkiG2Xh/nTYBrynZ4vWgZcoTbdnDANXUuQi5sK9TCHBqVIpvcYWmpLS6wdS
t2iqhzGTJEhfmtJAyew20PuxtfjIntWy3NOn8SoOVKoQPpOLXjqmXk1QSFXl0nvZ
WRzBIC+oeITzSkqukIhhTVpDUV39O8AwsBRGwxFAQgfjMzGcmA2ti7V/NxfG+1dW
ClphPLBO4fnNIU6RI6LANgYkYhkBbY/GQTP7klDgxVPAZF7Fab1gcshbv6+H+g/c
4Jo1Fp/6jwm0xxBdK+DsP6E8Vt7JD5a57gDKxNM9iDDaJllVM2SoaWh6obznRSXM
xY1GKFet4js=
-----END CERTIFICATE REQUEST-----
Comment 3 Sandro Bonazzola 2014-10-17 12:21:09 UTC 
oVirt 3.5 has been released and should include the fix for this issue.