Bug 616906
Summary: | new consumer certs not being created when they should be | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Adrian Likins <alikins> |
Component: | subscription-manager | Assignee: | Bryan Kearney <bkearney> |
Status: | CLOSED ERRATA | QA Contact: | wes hayutin <whayutin> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.1 | CC: | bkearney, jsefler, shaines, spandey, whayutin |
Target Milestone: | rc | Keywords: | RHELNAK |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-05-19 13:41:51 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 595758 | ||
Bug Blocks: | 568421 |
Description
Adrian Likins
2010-07-21 17:29:31 UTC
This issue has been proposed when we are only considering blocker issues in the current Red Hat Enterprise Linux release. ** If you would still like this issue considered for the current release, ask your support representative to file as a blocker on your behalf. Otherwise ask that it be considered for the next Red Hat Enterprise Linux release. ** It seems to be working fine. I am not able to re-produce this on my machine. Any scenario/steps are welcome. VERSION: [root@jsefler-rhel6-client01 ~]# rpm -q subscription-manager subscription-manager-0.76-1.git.0.fe91dd4.fc12.i386 FOLLOWING THE TESTS BELOW, YOU'LL SEE (BY NOTING THE FILE TIMESTAMPS AND THE VALIDITY DATES WITHIN THE CERT) THAT THE IDENTITY CERT IS INDEED UPDATED WHEN CALLING subscription-manager-cl register w/force AS WELL AS reregister. [root@jsefler-rhel6-client01 ~]# ls -l /etc/pki/consumer/* ls: cannot access /etc/pki/consumer/*: No such file or directory [root@jsefler-rhel6-client01 ~]# subscription-manager-cli register --username=testuser1 --password=password 971722de-9158-4a51-b80f-1ba36eb97ed1 testuser1 [root@jsefler-rhel6-client01 ~]# ls -l /etc/pki/consumer/* -rw-r--r--. 1 root root 1269 Sep 9 10:28 /etc/pki/consumer/cert.pem -rw-r--r--. 1 root root 1675 Sep 9 10:28 /etc/pki/consumer/key.pem [root@jsefler-rhel6-client01 ~]# openssl x509 -text -noout -in /etc/pki/consumer/cert.pem Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=jsefler-f12-candlepin.usersys.redhat.com, C=US, L=Raleigh Validity Not Before: Sep 9 14:28:33 2010 GMT Not After : Sep 9 14:28:33 2011 GMT Subject: CN=971722de-9158-4a51-b80f-1ba36eb97ed1 Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:94:a9:be:bf:a4:14:e2:1e:ad:71:e6:aa:65:47: 64:16:09:f6:65:61:86:fa:1b:38:3e:11:ab:5d:c9: ef:1c:e0:4f:80:b9:8d:51:2c:8e:ce:6f:7c:ba:e8: 59:0a:d3:ef:d0:02:d7:23:87:1a:e7:4a:37:5d:e0: 5a:12:a2:57:8e:0b:a2:14:81:43:d3:f3:6e:fd:3f: 03:c3:a0:fb:f6:67:cc:d9:3a:62:16:de:2f:4a:1a: b0:78:7b:8c:37:78:99:5e:4f:0b:a9:b3:c3:91:ae: ac:0f:70:d3:ce:34:79:39:56:5a:5e:c9:dc:31:94: a9:ee:ad:65:56:29:ae:4f:84:f7:ca:1b:c3:74:6b: ab:ad:df:80:b2:36:8c:93:a1:2f:5c:4e:6d:32:fc: 7a:da:da:e2:a3:87:e0:3c:2a:ee:e5:65:b3:51:c7: ba:98:b8:4b:67:03:8e:c0:f1:97:74:80:65:ec:9f: 7e:c0:92:c3:ba:ab:11:a3:53:64:03:3c:de:68:a6: fa:c8:21:09:63:57:0c:da:51:be:a4:c3:07:d7:32: 95:99:a9:9f:c3:ae:d1:57:9a:c5:f2:77:b0:d5:cf: 0f:10:48:56:b4:c6:db:87:da:ab:92:7f:15:8b:bd: 86:9f:69:a4:3e:ce:86:24:43:d3:91:fd:f3:74:86: bc:c5 Exponent: 65537 (0x10001) X509v3 extensions: Netscape Cert Type: SSL Client, S/MIME X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment X509v3 Authority Key Identifier: keyid:96:B8:29:58:5D:04:30:FA:E1:3A:95:78:11:7F:0A:BA:C8:97:02:CC DirName:/CN=jsefler-f12-candlepin.usersys.redhat.com/C=US/L=Raleigh serial:DC:B4:1E:8F:C1:17:95:E6 X509v3 Subject Key Identifier: BD:A1:9B:DC:29:6F:67:76:ED:0A:C7:A0:14:85:40:CC:D9:7E:DE:E2 X509v3 Extended Key Usage: TLS Web Client Authentication X509v3 Subject Alternative Name: DirName:/CN=testuser1 Signature Algorithm: sha1WithRSAEncryption 62:09:fb:ae:01:cb:24:57:67:b0:06:f5:00:4d:0a:6c:d7:d2: b9:04:4a:1e:cf:bc:33:a4:4e:c3:b0:a7:f1:47:cc:36:8f:73: 0d:fc:b9:dc:3b:f7:17:6a:c5:27:87:98:da:71:d8:a7:bc:24: 50:46:71:c7:2c:29:8e:9b:0a:aa:c8:be:f6:32:fd:e6:f1:71: 49:b9:d0:5c:00:f3:4c:b8:c6:6c:b2:64:05:28:2c:2a:51:97: 92:5e:8e:90:e2:c8:c5:2b:b1:4b:6b:e5:d5:a4:5c:48:0d:db: 83:b5:b0:ed:15:36:4f:53:57:83:62:b2:5e:53:c8:86:c3:17: 8b:94 [root@jsefler-rhel6-client01 ~]# subscription-manager-cli register --username=testuser1 --password=password --force 368955e0-7882-456a-bc96-1a0f152923af testuser1 [root@jsefler-rhel6-client01 ~]# ls -l /etc/pki/consumer/* -rw-r--r--. 1 root root 1269 Sep 9 10:29 /etc/pki/consumer/cert.pem -rw-r--r--. 1 root root 1679 Sep 9 10:29 /etc/pki/consumer/key.pem [root@jsefler-rhel6-client01 ~]# openssl x509 -text -noout -in /etc/pki/consumer/cert.pem Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=jsefler-f12-candlepin.usersys.redhat.com, C=US, L=Raleigh Validity Not Before: Sep 9 14:29:34 2010 GMT Not After : Sep 9 14:29:34 2011 GMT Subject: CN=368955e0-7882-456a-bc96-1a0f152923af Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:94:97:42:38:1f:57:ce:ef:12:5a:e8:c2:3a:4d: 1e:1a:98:8b:5b:63:4d:bf:c0:7d:a5:7d:60:38:b3: f3:d7:d9:66:e7:3c:3b:51:e1:68:b7:98:56:19:05: b3:93:f4:26:4d:4d:d0:78:70:f7:ac:12:51:bd:d8: f8:68:ac:53:de:63:c8:a7:7d:d0:d0:0d:6e:64:f4: 75:cf:8b:4f:0d:10:47:d4:6f:e3:34:d6:de:33:77: 9d:e6:9e:62:5b:b6:c2:97:55:b6:33:31:dd:17:75: 20:2a:c6:af:75:86:d4:89:b0:40:d2:bc:5c:93:98: 71:db:96:e6:9f:33:9a:cd:53:df:fb:fd:77:61:86: 14:12:54:fc:ba:f8:f3:92:f2:c2:db:a9:8e:01:22: f1:54:33:8e:f6:ce:92:c3:cb:89:ca:15:1b:78:69: 84:2f:55:b5:6f:e1:8d:2e:9f:1a:1b:3f:e4:91:0f: b3:7e:24:2d:c4:62:e0:25:19:43:bb:5b:5e:2f:f1: 3f:2a:0c:84:72:02:c2:1c:60:a3:d6:84:4d:bb:74: 60:3e:f2:59:93:c5:8c:6d:fd:f3:00:1a:e7:fb:ae: 97:db:61:8c:2d:b0:72:60:4e:83:09:e2:9c:ae:5a: 50:84:a9:01:da:2b:30:ab:8b:40:36:cf:b1:82:8b: 52:3f Exponent: 65537 (0x10001) X509v3 extensions: Netscape Cert Type: SSL Client, S/MIME X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment X509v3 Authority Key Identifier: keyid:96:B8:29:58:5D:04:30:FA:E1:3A:95:78:11:7F:0A:BA:C8:97:02:CC DirName:/CN=jsefler-f12-candlepin.usersys.redhat.com/C=US/L=Raleigh serial:DC:B4:1E:8F:C1:17:95:E6 X509v3 Subject Key Identifier: 1A:B7:F9:6D:3E:5B:08:6F:28:AF:1D:9E:95:AE:B6:34:19:3F:6B:80 X509v3 Extended Key Usage: TLS Web Client Authentication X509v3 Subject Alternative Name: DirName:/CN=testuser1 Signature Algorithm: sha1WithRSAEncryption 29:72:bd:9b:0f:e8:6e:68:07:30:d0:4b:d4:eb:fe:ec:d4:b7: 5a:87:04:03:76:7e:98:d5:04:8c:55:ee:d9:7c:2a:ed:0b:fd: 9f:e0:0e:c0:d8:bf:b5:01:1f:8b:99:80:24:e5:d4:8a:e3:9f: 85:3e:d8:f4:5b:7b:43:68:6a:80:16:67:31:85:5d:6e:1f:dd: fc:dc:2b:ef:3a:52:0e:f8:cc:24:73:59:55:6a:59:d1:d2:37: d5:3e:6c:62:f4:8a:0d:74:b1:8f:29:59:57:82:31:8e:bc:2b: 46:5b:c7:87:49:22:3f:6a:60:2f:03:d1:fc:2c:49:30:7c:16: a4:88 [root@jsefler-rhel6-client01 ~]# subscription-manager-cli reregister --username=testuser1 --password=password Ignoring username and password options. Using old uuid 368955e0-7882-456a-bc96-1a0f152923af 368955e0-7882-456a-bc96-1a0f152923af testuser1 [root@jsefler-rhel6-client01 ~]# ls -l /etc/pki/consumer/* -rw-r--r--. 1 root root 1269 Sep 9 10:31 /etc/pki/consumer/cert.pem -rw-r--r--. 1 root root 1679 Sep 9 10:31 /etc/pki/consumer/key.pem [root@jsefler-rhel6-client01 ~]# openssl x509 -text -noout -in /etc/pki/consumer/cert.pem Certificate: Data: Version: 3 (0x2) Serial Number: 165 (0xa5) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=jsefler-f12-candlepin.usersys.redhat.com, C=US, L=Raleigh Validity Not Before: Sep 9 14:31:17 2010 GMT Not After : Sep 9 14:31:17 2011 GMT Subject: CN=368955e0-7882-456a-bc96-1a0f152923af Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:94:97:42:38:1f:57:ce:ef:12:5a:e8:c2:3a:4d: 1e:1a:98:8b:5b:63:4d:bf:c0:7d:a5:7d:60:38:b3: f3:d7:d9:66:e7:3c:3b:51:e1:68:b7:98:56:19:05: b3:93:f4:26:4d:4d:d0:78:70:f7:ac:12:51:bd:d8: f8:68:ac:53:de:63:c8:a7:7d:d0:d0:0d:6e:64:f4: 75:cf:8b:4f:0d:10:47:d4:6f:e3:34:d6:de:33:77: 9d:e6:9e:62:5b:b6:c2:97:55:b6:33:31:dd:17:75: 20:2a:c6:af:75:86:d4:89:b0:40:d2:bc:5c:93:98: 71:db:96:e6:9f:33:9a:cd:53:df:fb:fd:77:61:86: 14:12:54:fc:ba:f8:f3:92:f2:c2:db:a9:8e:01:22: f1:54:33:8e:f6:ce:92:c3:cb:89:ca:15:1b:78:69: 84:2f:55:b5:6f:e1:8d:2e:9f:1a:1b:3f:e4:91:0f: b3:7e:24:2d:c4:62:e0:25:19:43:bb:5b:5e:2f:f1: 3f:2a:0c:84:72:02:c2:1c:60:a3:d6:84:4d:bb:74: 60:3e:f2:59:93:c5:8c:6d:fd:f3:00:1a:e7:fb:ae: 97:db:61:8c:2d:b0:72:60:4e:83:09:e2:9c:ae:5a: 50:84:a9:01:da:2b:30:ab:8b:40:36:cf:b1:82:8b: 52:3f Exponent: 65537 (0x10001) X509v3 extensions: Netscape Cert Type: SSL Client, S/MIME X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment X509v3 Authority Key Identifier: keyid:96:B8:29:58:5D:04:30:FA:E1:3A:95:78:11:7F:0A:BA:C8:97:02:CC DirName:/CN=jsefler-f12-candlepin.usersys.redhat.com/C=US/L=Raleigh serial:DC:B4:1E:8F:C1:17:95:E6 X509v3 Subject Key Identifier: 1A:B7:F9:6D:3E:5B:08:6F:28:AF:1D:9E:95:AE:B6:34:19:3F:6B:80 X509v3 Extended Key Usage: TLS Web Client Authentication X509v3 Subject Alternative Name: DirName:/CN=testuser1 Signature Algorithm: sha1WithRSAEncryption 0e:4e:e6:c6:61:e0:1b:ad:ec:de:f1:a9:e9:82:6c:8b:5c:e1: bd:d1:35:40:b1:f2:5e:2e:5f:5e:8a:97:99:8f:6c:6a:4a:23: 8f:c7:93:67:15:f4:8c:04:81:23:36:2c:2e:18:f2:9c:4d:eb: 2d:54:ad:c9:89:d1:d0:e9:cf:16:7e:a0:2b:72:c5:d2:41:d8: 3f:ea:58:72:f5:64:6d:00:30:c6:7b:d0:02:f4:1c:09:28:56: 36:91:5e:3d:c7:86:f0:a3:b2:0a:40:92:27:fb:b5:c9:52:08: b9:0d:60:15:92:3f:9f:05:01:3c:de:39:1b:ba:77:24:be:d1: 52:4a [root@jsefler-rhel6-client01 ~]# MOVING TO VERIFIED An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2011-0611.html |