Bug 746799

Summary: New rhui-manager screen to regenerate the identity certificate
Product: Red Hat Update Infrastructure for Cloud Providers Reporter: James Slagle <jslagle>
Component: CDSAssignee: Lana Brindley <lbrindle>
Status: CLOSED CURRENTRELEASE QA Contact: wes hayutin <whayutin>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.0.1CC: kbidarka, mhideo, sghai
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-30 19:04:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description James Slagle 2011-10-17 19:47:28 UTC 
There is a new screen in rhui-manager used to regenerate the identity certificate.  The identity certificate will need to be regenerated if it ever expires.  Starting with 2.0.1, the user is prompted for how many days the certificate will be valid for, with a default of 3650.  However, with 2.0, it was hardcoded to expire after 365 days.

From the home rhui-manager menu, there's a new option for this new screen:
   i   manage identity certificate

Pressing 'i' takes you to the new screen:

------------------------------------------------------------------------------
             -= Red Hat Update Infrastructure Management Tool =-


-= Identity Certificate Management =-

   g   generate a new identity certificate

                          Connected: ec2-107-20-207-64.compute-1.amazonaws.com
------------------------------------------------------------------------------

Pressing 'g' (the only option):

rhui (identity) => g

Generating a new RHUI identity certificate will replace 
the one currently stored at /etc/pki/rhui/identity.crt.  Proceed? [y/n]: y

Enter the number of days the RHUI identity certificate will be valid.  
If the identity certificate ever expires, it will need to be 
regenerated using rhui-manager [Default: 3650]: 
...............+++
.........+++
Successfully regenerated RHUI Identity certificate

------------------------------------------------------------------------------
Comment 1 wes hayutin 2011-10-17 20:01:40 UTC 
set tracker bug. 746803
Comment 3 Lana Brindley 2011-10-24 02:56:12 UTC 
New chapter added, please review on the stage.

Revision 2-13.

LKB
Comment 4 Sachin Ghai 2011-10-24 11:59:22 UTC 
Verified at stage with following link:
http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/2.0/html/Installation_Guide/chap-Installation_Guide-Identity_Certificates.html

Under "Procedure 9.1. Generate a New Identity Certificate" ==> step4

>> The new identity certificate will be created. You should restart the service >> to pick up the changes: 

I'm not sure if we need to restart any service to pick up the changes. if it is not required then we need to remove this statement.

James, could you please help to clarify this ?
Comment 5 James Slagle 2011-10-25 12:39:45 UTC 
It's fine telling them to restart services.  It's probably not strictly required at this point, but it's not going to hurt anything.