Bug 1314418

Summary: katello should not install sha1 certificates
Product: Red Hat Satellite Reporter: Stephen Wadeley <swadeley>
Component: InstallationAssignee: Katello Bug Bin <katello-bugs>
Status: CLOSED DUPLICATE QA Contact: Katello QA List <katello-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.1.7   
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-07 07:24:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Stephen Wadeley 2016-03-03 14:46:03 UTC 
Description of problem:

When opening NoVNC console I see error in web UI "WebSock error: [object Event]"

Firefox browser console shows:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1

Then I noticed certificates are still sha1

[root@rhel7-1-sat6 ~]# openssl x509 -in /etc/pki/katello/certs/katello-apache.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10857288126450870211 (0x96acd606d12ba7c3)
    Signature Algorithm: sha1WithRSAEncryption



Version-Release number of selected component (if applicable):


[root@rhel7-1-sat6 ~]# rpm -q katello-installer
katello-installer-2.3.25-1.el7sat.noarch

[root@rhel7-1-sat6 ~]# rpm -q foreman
foreman-1.7.2.53-1.el7sat.noarch

How reproducible:
All the time

Steps to Reproduce:
1.  I have been following[1] Foreman Docs, LibVirt Notes.
 http://theforeman.org/manuals/1.9/index.html#5.2.5LibvirtNotes
to configure Sat6 to connect to libvirt

2. Create https://rhel7-1-sat6.example.com/compute_resources

3. https://rhel7-1-sat6.example.com/compute_resources/1-my-test-compute/vms/cc346ba9-e054

4. Try to open console

Actual results:

"WebSock error: [object Event]"

Expected results:

VNC console to my VM

Additional info:

https://github.com/Katello/katello-certs-tools/commit/b68836ab1b70d085691168dbc3748769c405e522
Comment 2 Stephen Wadeley 2016-04-07 07:24:29 UTC 
Hello

This bug was first:

Bug 1296301 - Katello-installer and capsule-certs-generate sign certificates with sha1


===============
https://bugzilla.redhat.com/show_bug.cgi?id=1296301#c9
 Kedar Bidarkar 2016-04-01 14:36:56 EDT

VERIFIED with sat62-snap6


=================

Closing as duplicate.

*** This bug has been marked as a duplicate of bug 1296301 ***