Bug 2256024

Summary: The generation of certificates using "capsule-certs-generate" fails when custom SSL parameters are provided.
Product: Red Hat Satellite Reporter: Ganesh Payelkar <gpayelka>
Component: InstallationAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED ERRATA QA Contact: Griffin Sullivan <gsulliva>
Severity: high Docs Contact:
Priority: high    
Version: 6.15.0CC: ahumbe, egolov, gsulliva, jpasqual, rlavi
Target Milestone: 6.15.0Keywords: Triaged
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: foreman-installer-3.9.0-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-04-23 17:16:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ganesh Payelkar 2023-12-27 20:55:33 UTC 
Description of problem:

The generation of certificates using "capsule-certs-generate" fails when custom SSL parameters are provided.

Version-Release number of selected component (if applicable):
satellite-installer-6.15.0.2-1

How reproducible:
New installation of 6.15

Steps to Reproduce:
1. Install new satellite 
2. Generate a capsule certificate through capsule-certs-generate with custom SSL parameters
3.

Actual results:

# capsule-certs-generate -v --foreman-proxy-fqdn "capsule.example.com" --certs-tar  "~/capsule.example.com-certs.tar" --server-cert "/root/cert/servercert.pem" --server-key "/root/cert/capsule.example.com_cert_key.pem" --server-ca-cert "/root/cert/CA-Chain.pem" --foreman-proxy-cname "loadbalancer.example.com" 

2023-12-28 02:17:44 [NOTICE] [root] Loading installer configuration. This will take some time.
2023-12-28 02:17:46 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2023-12-28 02:17:46 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.


Traceback (most recent call last):
	15: from /usr/sbin/capsule-certs-generate:58:in `<main>'
	14: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/kafo_configure.rb:54:in `run'
	13: from /usr/share/gems/gems/clamp-1.3.2/lib/clamp/command.rb:140:in `run'
	12: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/kafo_configure.rb:184:in `run'
	11: from /usr/share/gems/gems/clamp-1.3.2/lib/clamp/command.rb:66:in `run'
	10: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/kafo_configure.rb:214:in `execute'
	 9: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/hooking.rb:65:in `execute'
	 8: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/hooking.rb:65:in `each'
	 7: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/hooking.rb:67:in `block in execute'
	 6: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/hook_context.rb:19:in `execute'
	 5: from /usr/share/gems/gems/kafo-7.3.0/lib/kafo/hook_context.rb:19:in `instance_eval'
	 4: from /usr/sbin/capsule-certs-generate:45:in `block in <main>'
	 3: from /usr/share/ruby/open3.rb:390:in `capture2e'
	 2: from /usr/share/ruby/open3.rb:208:in `popen2e'
	 1: from /usr/share/ruby/open3.rb:213:in `popen_run'
/usr/share/ruby/open3.rb:213:in `spawn': wrong first argument (ArgumentError)

Expected results:

capsule certificates should be created for capsule installation

Additional info:
Comment 3 Griffin Sullivan 2024-01-17 16:52:54 UTC 
Verified on 6.15.0 snap 6

capsule-certs-generate not throwing error when running with custom certs.

Steps to Reproduce:

Run steps from Comment 0.


Results:

Command succeeded.
Comment 6 errata-xmlrpc 2024-04-23 17:16:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.15.0 release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:2010