Bug 1636490
Summary: | Installation of CA using an existing CA fails [rhel-7.6.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Oneata Mircea Teodor <toneata> |
Component: | pki-core | Assignee: | Endi Sukma Dewata <edewata> |
Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> |
Severity: | high | Docs Contact: | Marc Muehlfeld <mmuehlfe> |
Priority: | high | ||
Version: | 7.6 | CC: | cpelland, edewata, mharmsen, msauton, rpattath, salmy |
Target Milestone: | rc | Keywords: | Regression, TestBlocker, TestCaseProvided, ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | pki-core-10.5.9-7.el7_6 | Doc Type: | Bug Fix |
Doc Text: |
Previously, the default value of the pki_ca_signing_cert_path parameter was set to a predefined path. Due to a recent change in the way the pkispawn utility validates the parameter when an administrator used a PKCS #12 file to install a certificate authority (CA), the installation failed with an "Invalid certificate path: pki_ca_signing_cert_path=/etc/pki/pki-tomcat/external_ca.cert" error. This update fixes the problem by removing the default value of pki_ca_signing_cert_path. As a result, the CA installation succeeds in the mentioned scenario.
|
Story Points: | --- |
Clone Of: | 1633761 | Environment: | |
Last Closed: | 2019-01-29 17:21:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1633761 | ||
Bug Blocks: |
Description
Oneata Mircea Teodor
2018-10-05 14:00:43 UTC
Endi Sukma Dewata 2018-10-02 17:22:29 EDT Thanks, Roshni! Fixed in 10.5 branch: * https://github.com/dogtagpki/pki/commit/a4f5b17ee96adf79391f9def6e04bb239a779cbe Test Procedure: * Follow steps in http://www.dogtagpki.org/wiki/PKI_10.5_Installing_CA_with_Existing_Certificates_using_PKCS12_File [root@auto-hv-01-guest08 ~]# rpm -qi pki-ca Name : pki-ca Version : 10.5.9 Release : 7.el7_6 Architecture: noarch Install Date: Wed 14 Nov 2018 10:52:02 AM EST Group : System Environment/Daemons Size : 2449878 License : GPLv2 Signature : (none) Source RPM : pki-core-10.5.9-7.el7_6.src.rpm Build Date : Wed 31 Oct 2018 12:47:31 AM EDT Build Host : ppc-016.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : http://pki.fedoraproject.org/ Summary : Certificate System - Certificate Authority Unable to reproduce the issue in https://bugzilla.redhat.com/show_bug.cgi?id=1633761#c0 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0168 |