| Summary: | [RFE] add public portion of entitlement CA to manifest file | ||
|---|---|---|---|
| Product: | [Community] Candlepin | Reporter: | Chris Duryee <cduryee> |
| Component: | candlepin | Assignee: | candlepin-bugs |
| Status: | CLOSED WONTFIX | QA Contact: | Katello QA List <katello-qa-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 0.9.51 | CC: | awood, bcourt |
| Target Milestone: | --- | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-09-20 14:59:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Chris Duryee
2016-02-02 22:21:28 UTC
sorry, I hit "submit" while editing the description. The entitlement CA certificate can be used to validate that the entitlement certificates in the manifest are in fact signed by Red Hat. This request is to add the entitlement CA certificate to the manifest file generated by candlepin. Note that the CA cert is different from the CA private key; the former is used to validate signatures and the latter is used for signing. Closing because including the key used to validate in the same payload that the things it will be used to validate would not prevent a man in the middle from replacing both the signing key & the entitlement certificates. Please re-open w/ more details on the scenario & need for it if you would still like to have this feature. |