| Summary: | proper error message not displayed on providing non-existent request with 'getcert resubmit' | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Kaleem <ksiddiqu> |
| Component: | certmonger | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.2 | CC: | dpal, jgalipea, kchamart |
| Target Milestone: | rc | Keywords: | Reopened |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | certmonger-0.47-1.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-12-06 17:38:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Kaleem
2011-09-26 12:46:01 UTC
You have not specified an NSS database or file. The message clearly indicates this "None of database directory and nickname or certificate file specified." and then gives help. The request existence has not been even checked as not all required arguments are provided. Not a bug. from Nalin: The value passed to -i is an identifier, or nickname of sorts, for the request. Most places where you specify a file or directory, getcert first searches for a matching request to act on; the identifier can be used to specify it directly. So, yes, it's a bug, and it can be fixed (pretty easily, I think). Verified. RHEL Version: [root@dhcp201-220 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.2 Beta (Santiago) Certmonger Version: [root@dhcp201-220 ~]# rpm -q certmonger certmonger-0.47-1.el6.x86_64 Steps used to verified: (1)Install Certmonger [root@dhcp201-220 ~]# yum install certmonger -y . . Installing : certmonger-0.47-1.el6.x86_64 1/1 Installed products updated. Installed: certmonger.x86_64 0:0.47-1.el6 (2)Start Certmonger service [root@dhcp201-220 ~]# service certmonger start Starting certmonger: [ OK ] [root@dhcp201-220 ~]# (3)Run "getcert resubmit" with a non-existent request identifier [root@dhcp201-220 ~]# getcert resubmit -i 20110926104229 No request found with specified nickname. getcert - client certificate enrollment tool Usage: getcert resubmit [options] Required arguments: * By request identifier: -i NAME nickname for tracking request * If using an NSS database for storage: -d DIR NSS database for key and cert -n NAME nickname for NSS-based storage (only valid with -d) -t NAME optional token name for NSS-based storage (only valid with -d) * If using files for storage: -f FILE PEM file for certificate * If keys are encrypted: -p FILE file which holds the encryption PIN -P PIN PIN value * New parameter values for the signing request: -N NAME set requested subject name (default: CN=<hostname>) -U EXTUSAGE set requested extended key usage OID -K NAME set requested principal name -D DNSNAME set requested DNS name -E EMAIL set requested email address Optional arguments: * Certificate handling settings: -I NAME new nickname to give to tracking request -c CA use the specified CA rather than the current one * Bus options: -S connect to the certmonger service on the system bus -s connect to the certmonger service on the session bus * Other options: -v report all details of errors [root@dhcp201-220 ~]# Result: Now proper error message "No request found with specified nickname." is displayed on console along with help text. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1708.html |