Bug 1271195
Summary: | incorrect error message at crlutil failure | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Oleg Fayans <ofayans> | ||||||
Component: | nss-util | Assignee: | Elio Maldonado Batiz <emaldona> | ||||||
Status: | CLOSED EOL | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | unspecified | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 22 | CC: | amarecek, emaldona, kengert, rrelyea | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2016-07-19 18:12:19 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Created attachment 1082351 [details]
the script that reproduces the issue
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. |
Created attachment 1082350 [details] some auxiliary env variables Description of problem: When I am trying to revoke a certificate using crtutil, in some cases crtutil throws the following error: crlgen: (line: 1) entry already exists. Use "range" and "rmcert" before adding a new one with the same serial number 10 crlutil: crl generation failed: error 0: Success Version-Release number of selected component (if applicable): nss-tools-3.20.0-1.0.fc22.x86_64 How reproducible: Sometimes Steps to Reproduce: 1. Download attached env file and caless-create-pki.sh script 2. source env 3. ./caless-create-pki.sh 4. After the script finishes it's work, issue the following command: for i in `certutil -L -d nssdb | awk '{print $1}'` ; do certutil -D -d nssdb -n $i ; done 5. run ./caless-create-pki.sh again Actual results: ++ awk '/^\s+Serial Number: / { print $3 }' + serial=10 + crlutil -M -d nssdb -n ca1 -c /dev/stdin -f /tmp/tmp.E1xXRAcCkb -o nssdb/ca1.crl ++ date -u +%Y%m%d%H%M%SZ crlgen: (line: 1) entry already exists. Use "range" and "rmcert" before adding a new one with the same serial number 10 crlutil: crl generation failed: error 0: Success Expected results: The script should succeed Additional info: