Bug 1841070

Summary: Cockpit 195 crashes with ECDSA certificate
Product: Red Hat Enterprise Linux 7 Reporter: Davide Principi <davide.principi>
Component: cockpitAssignee: Martin Pitt <mpitt>
Status: CLOSED ERRATA QA Contact: Jan Ščotka <jscotka>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.8   
Target Milestone: rc   
Target Release: 7.9   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-09-29 20:03:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Davide Principi 2020-05-28 09:29:38 UTC 
Description of problem:

After uploading an ECDSA certificate the Cockpit service does not restart.

Version-Release number of selected component (if applicable):

cockpit-195.6-1.el7.centos.x86_64

How reproducible:

Configure cockpit with an ECDSA certificate and restart the service.

Actual results:

The cockpit service does not start. In system journal the error:

    May 27 17:32:09 vm5.dpnet.nethesis.it systemd[1]: Starting Cockpit Web Service...
    May 27 17:32:09 vm5.dpnet.nethesis.it remotectl[6666]: remotectl: /etc/cockpit/ws-certs.d/99-nethserver.cert: No PEM-encoded private key found
    May 27 17:32:09 vm5.dpnet.nethesis.it systemd[1]: cockpit.service: control process exited, code=exited status=1


Expected results:

A new cockpit-ws process is spawned offering the new ECDSA certificate.

Additional info:

Bug originally reported here: https://github.com/NethServer/dev/issues/6183

I see the upstream Cockpit project already fixed the issue: https://github.com/cockpit-project/cockpit/pull/13074

Is it possible to backport it to Cockpit 195 in EL7?
Comment 2 Martin Pitt 2020-05-28 11:03:03 UTC 
I'm happy to backport the fix. It's mostly Jan Scotka's decision whether he can fit it in QE-wise.
Comment 4 Martin Pitt 2020-05-28 12:40:27 UTC 
https://github.com/cockpit-project/cockpit/pull/14166
Comment 10 errata-xmlrpc 2020-09-29 20:03:34 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (cockpit bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3950