Bug 1280082

Summary: [RFE] Allow third-party SSL certificates with passphrase
Product: Red Hat Satellite Reporter: Fotios Tsiadimos <ftsiadim>
Component: SecurityAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED WONTFIX QA Contact: Katello QA List <katello-qa-list>
Severity: high Docs Contact:
Priority: urgent    
Version: 6.1.3CC: arajagou, bbuckingham, bkearney, dlobatog, ftsiadim, just1nsan3, mdekan, oshtaier, smajumda, sthirugn
Target Milestone: UnspecifiedKeywords: FutureFeature, Triaged
Target Release: Unused   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-24 20:26:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Fotios Tsiadimos 2015-11-10 22:12:48 UTC 
Description of problem:
Third-party SSL certificates  are not working with the passprhase.

Version-Release number of selected component (if applicable):
Satellite 6.1.3

How reproducible:
You need thirird-party certificates to enable on the Satellite 6 
Regenerating certs without passprhase can resolve the issue partially:

After regenerating certs without passprhase:

 Could not start Service[foreman-proxy]: Execution of '/usr/share/katello-installer/modules/service_wait/bin/service-wait start foreman-proxy' returned 1: Redirecting to /bin/systemctl start  foreman-proxy.service
 /Stage[main]/Foreman_proxy::Service/Service[foreman-proxy]/ensure: change from stopped to running failed: Could not start Service[foreman-proxy]: Execution of '/usr/share/katello-installer/modules/service_wait/bin/service-wait start foreman-proxy' returned 1: Redirecting to /bin/systemctl start  foreman-proxy.service
Comment 8 Bryan Kearney 2017-08-24 20:26:15 UTC 
Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in product in the forseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.