Bug 795879

Summary: SSL commonName verification does not work on multihome SAM
Product: [Retired] Subscription Asset Manager Reporter: Mike Khusid <mkhusid>
Component: Docs Installation GuideAssignee: sachua
Status: CLOSED CURRENTRELEASE QA Contact: ecs-bugs
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: alyoung, bkearney, dlackey, dmacpher, jofernan, lzap, mbacovsk, sachua, xdmoon
Target Milestone: ---Keywords: Triaged
Target Release: 1.X   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 789449 Environment:
Last Closed: 2012-07-10 04:12:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 789449    
Bug Blocks:    

Comment 4 Lana Brindley 2012-03-07 03:33:51 UTC 
Setting NEEDINFO and slating for 1.1.

LKB
Comment 5 Mike Khusid 2012-03-07 14:10:27 UTC 
redirecting NEEDINFO to a developer.
Comment 6 RHEL Program Management 2012-03-30 14:27:31 UTC 
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 7 Martin Bacovsky 2012-05-11 09:07:09 UTC 
Multihome support should come along with changes that allow usage of customer signed certificates in Katello/SAM. The work is in progress and I expect first results in the end of the next week. The fix will require change of the katello/SAM server certificate during the upgrade and I expect that some extensive testing of the upgrade process will be needed (first upgrade in katello project, cert setup in the consumers needs to be changed as well)
Comment 11 Martin Bacovsky 2012-05-15 14:55:47 UTC 
The workaround is now documented on the project wiki https://fedorahosted.org/katello/wiki/MultiHomeDesign. The workaround is also usable for custom SSL certificate deployment.