Bug 1402788

Summary: --certs-regenerate-ca option does nothing
Product: Red Hat Satellite Reporter: Krist van Besien <kvanbesi>
Component: InstallerAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED WONTFIX QA Contact: Katello QA List <katello-qa-list>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.2.4CC: bkearney, chrobert, stbenjam
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-08-02 21:00:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Krist van Besien 2016-12-08 11:04:07 UTC 
Description of problem:

The satellite-installer option "--certs-regenerate-ca" does not do what one would expect.

Version-Release number of selected component (if applicable):

6.2.4

How reproducible:

Every time.

Steps to Reproduce:
1. Install Satellite using satellite-installer and any applicable options
2. Try to regenerate the CA certificate by running:
   satellite-installer --certs-regenerate-ca true <any other certs options...>
3. verify the new CA certificate, and notice how it has not been remade. Look in /root/ssl-build, in /var/www/html/pub and /etc/pki/pulp, etc/pki/katello...

Actual results:

The CA certificate has not been regenerated.

Expected results:

The CA certificate is regenerated.


Additional info:

The default satellite-installer installs a CA certificate with Country=US, State=North Carolina and City=Raleigh (where a well known Open Source company is located). It is possible to override this during a first time install, but if errors are made it is not possible to rerun the installer in a way that regenerates the CA certificate, even though satellite-installer --help suggests you can.
Comment 5 Bryan Kearney 2018-08-02 21:00:55 UTC 
Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the forseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.