Bug 1897297

Summary: katello-certs-check output print foreman-installer--scenario katello instead satellite-installer --scenario satellite
Product: Red Hat Satellite Reporter: Devendra Singh <desingh>
Component: InstallationAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED ERRATA QA Contact: Devendra Singh <desingh>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.9.0CC: ehelms
Target Milestone: 6.9.0Keywords: Regression, Triaged
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-04-21 13:18:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Devendra Singh 2020-11-12 17:47:37 UTC 
Description of problem: katello-certs-check shows 'foreman-installer --scenario katello' instead of 'satellite-installer --scenario satellite'

Version-Release number of selected component (if applicable):
6.9.0 Snap1

How reproducible:
always

Steps to Reproduce:
1. Install Satellite 6.9.0
2. Perform katello-certs-check with SSL certs

# katello-certs-check -c xyz.com.crt -k xyz.com.key -b cacert.crt
Checking server certificate encoding: 
[OK]

Checking expiration of certificate: 
[OK]

Checking expiration of CA bundle: 
[OK]

Checking if server certificate has CA:TRUE flag 
[OK]

Checking for private key passphrase: 
[OK]

Checking to see if the private key matches the certificate: 
[OK]

Checking CA bundle against the certificate file: 
[OK]

Checking CA bundle size: 
[OK]

Checking Subject Alt Name on certificate 
[OK]

Checking if any Subject Alt Name on certificate matches the Subject CN
[OK]

Checking Key Usage extension on certificate for Key Encipherment 
[OK]

Validation succeeded


To install the Katello server with the custom certificates, run:

    foreman-installer --scenario katello \
                      --certs-server-cert "/root/ownca/xyz.com/xyz.com.crt" \
                      --certs-server-key "/root/ownca/xyz.com/xyz.com.key" \
                      --certs-server-ca-cert "/root/ownca/xyz.com/cacert.crt"

To update the certificates on a currently running Katello installation, run:

    foreman-installer --scenario katello \
                      --certs-server-cert "/root/ownca/xyz.com/xyz.com.crt" \
                      --certs-server-key "/root/ownca/xyz.com/xyz.com.key" \
                      --certs-server-ca-cert "/root/ownca/xyz.com/cacert.crt" \
                      --certs-update-server --certs-update-server-ca

To use them inside a NEW $FOREMAN_PROXY, rerun this command with -t foreman-proxy

Actual results:
foreman-installer --scenario katello" showed in katello-certs-check instead of 'satellite-installer --scenario satellite'

Expected results:
'satellite-installer --scenario satellite' should be displayed instead of "foreman-installer --scenario katello"

Additional info:
Comment 1 Devendra Singh 2020-12-02 07:56:55 UTC 
Verified on 6.9.0 Snap3

[root@dell-pe-fm120-1a xyz.com]# katello-certs-check -c xyz.com.crt -k xyz.com.key -b cacert.crt
Checking server certificate encoding: 
[OK]

Checking expiration of certificate: 
[OK]

Checking expiration of CA bundle: 
[OK]

Checking if server certificate has CA:TRUE flag 
[OK]

Checking for private key passphrase: 
[OK]

Checking to see if the private key matches the certificate: 
[OK]

Checking CA bundle against the certificate file: 
[OK]

Checking CA bundle size: 
[OK]

Checking Subject Alt Name on certificate 
[OK]

Checking if any Subject Alt Name on certificate matches the Subject CN
[OK]

Checking Key Usage extension on certificate for Key Encipherment 
[OK]

Validation succeeded


To install the Red Hat Satellite server with the custom certificates, run:

    satellite-installer --scenario satellite \
                      --certs-server-cert "/root/ownca/xyz.com/xyz.com.crt" \
                      --certs-server-key "/root/ownca/xyz.com/xyz.com.key" \
                      --certs-server-ca-cert "/root/ownca/xyz.com/cacert.crt"

To update the certificates on a currently running Red Hat Satellite installation, run:

    satellite-installer --scenario satellite \
                      --certs-server-cert "/root/ownca/xyz.com/xyz.com.crt" \
                      --certs-server-key "/root/ownca/xyz.com/xyz.com.key" \
                      --certs-server-ca-cert "/root/ownca/xyz.com/cacert.crt" \
                      --certs-update-server --certs-update-server-ca

To use them inside a NEW $CAPSULE, rerun this command with -t capsule
Comment 4 errata-xmlrpc 2021-04-21 13:18:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:1313