Bug 495396

Summary: --ca-cert command line switch does not override rhn_server.conf setting
Product: Red Hat Satellite 5 Reporter: Jeff Browning <jbrownin>
Component: Satellite SynchronizationAssignee: Pradeep Kilambi <pkilambi>
Status: CLOSED CURRENTRELEASE QA Contact: Shannon Hughes <shughes>
Severity: medium Docs Contact:
Priority: low    
Version: 530CC: jhutar, omoris, pthomas, shughes
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: sat530 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-10 20:04:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 457071    

Description Jeff Browning 2009-04-12 18:33:33 UTC 
Description of problem:
All command line variables should override preset parameters in the rhn_server.conf file. In the case of --ca-cert, it does not.

Version-Release number of selected component (if applicable):
Satellite-5.3.0-RHEL5-re20090403.2-i386-embedded-oracle.iso

How reproducible:
100%

Steps to Reproduce:
1. Set up a Master / Slave ISS environment
2. Download the cert file from the /pub directory of the master, to the slave, but do not put it in the default location pre-defined in the rhn_server.conf file.
3. On Slave: # satellite-sync --iss-parent=<master> --ca-cert=<custom location of the cert file> -l

This will fail, saying you don't have the right cert file

4. Edit the rhn_server.conf file and remove the preset location of the cert file, leaving that line blank.
5. Repeat the command from step 3
  
Actual results:
This command works only after the preset location for the cert file is removed from the rhn_server.conf file.

Expected results:
A command line variable like --ca-cert= should override the contents of the conf file. This *is* the case for --iss-parent=, but not for --ca-cert=.

Additional info:
Comment 2 Shannon Hughes 2009-06-29 19:40:08 UTC 
pulled down the ca cert from a vmware satellite and set in the /tmp director for the slave then was able to perform a successful listing of channels on master:

[root@rlx-3-16 tmp]# satellite-sync --ca-cert=/tmp/RHN-ORG-TRUSTED-SSL-CERT --iss-parent=dhcp77-237.rhndev.redhat.com -l
15:26:56 Red Hat Network Satellite - live synchronization
15:26:56    url: https://dhcp77-237.rhndev.redhat.com


.....

looks good.
Comment 3 Preethi Thomas 2009-08-07 19:48:31 UTC 
Release Pending
[root@test04-64 ~]# satellite-sync  --iss-parent=sun-x4200-01.rhts.bos.redhat.com --ca-cert=/root/RHN-ORG-TRUSTED-SSL-CERT  -l
15:33:37 Red Hat Network Satellite - live synchronization
15:33:37    url: https://sun-x4200-01.rhts.bos.redhat.com
15:33:37    debug/output level: 1
15:33:38    db:  sayli/<password>@rhnsat10
15:33:38
Comment 4 Brandon Perkins 2009-09-10 20:04:35 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-1434.html