Verified.
Tested on: Satellite 6.14.3
Steps followed:
1) Import a manifest on satellite -> create activation key -> register host
2) Schedule CertificateCleanupJob to run every minute using command "candlepin.async.jobs.CertificateCleanupJob.schedule=1 * * * * ?" in /etc/candlepin/candlepin.conf and restart tomcat.
3) Find the id using query (su - postgres -c "psql candlepin -c \"select cs.*, c.id as certificate_id from cp_cert_serial cs inner join cp_certificate c on c.serial_id = cs.id;\"")
4) Update that id to be revoked using command "UPDATE cp_cert_serial SET revoked=true, expiration='2022-01-15 00:00:00.000000' WHERE id=<one of the ids returned by the previous query>;"
5) Monitor "/var/log/candlepin/candlepin.log" for Foreign Key violations.
Observation:
No Foreign Key violations are observed in candlepin logs.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: Satellite 6.14.3 Async Security Update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2024:1536
Verified. Tested on: Satellite 6.14.3 Steps followed: 1) Import a manifest on satellite -> create activation key -> register host 2) Schedule CertificateCleanupJob to run every minute using command "candlepin.async.jobs.CertificateCleanupJob.schedule=1 * * * * ?" in /etc/candlepin/candlepin.conf and restart tomcat. 3) Find the id using query (su - postgres -c "psql candlepin -c \"select cs.*, c.id as certificate_id from cp_cert_serial cs inner join cp_certificate c on c.serial_id = cs.id;\"") 4) Update that id to be revoked using command "UPDATE cp_cert_serial SET revoked=true, expiration='2022-01-15 00:00:00.000000' WHERE id=<one of the ids returned by the previous query>;" 5) Monitor "/var/log/candlepin/candlepin.log" for Foreign Key violations. Observation: No Foreign Key violations are observed in candlepin logs.