Bug 1474986

Summary: [RFE] Tool needed to renew expired system certificates
Product: Red Hat Enterprise Linux 7 Reporter: Ade Lee <alee>
Component: pki-coreAssignee: Dinesh Prasanth <dmoluguw>
Status: CLOSED DUPLICATE QA Contact: Asha Akkiangady <aakkiang>
Severity: high Docs Contact:
Priority: high    
Version: 7.5CC: edewata, mharmsen, nkinder
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-09-26 17:32:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1472344    

Description Ade Lee 2017-07-25 18:46:56 UTC 
Description of problem:

Currently, the only way to recover a certificate system instance whose certs have expired is by backdating the server till when the certs are not yet expired, and using the regular cert enrollment tools to renew the cert.  This process is manual and error prone.

A tool is needed to simplify and automate this process, without requiring the system to be backdated.  This tool would be part of the pki-server admin tool that would be run by a priviledged user on the server.

This tool could then be invoked by IPA administrators to easily resurrect certificate server instances.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Endi Sukma Dewata 2017-09-22 17:55:43 UTC 
This seems to be a duplicate of bug #1468348.
Comment 3 Matthew Harmsen 2017-09-26 17:32:44 UTC 

*** This bug has been marked as a duplicate of bug 1468348 ***