| Summary: | RHUA Manager does not capture invalid client CA pass phrase | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Update Infrastructure for Cloud Providers | Reporter: | Matthew Mariani <mmariani> | ||||
| Component: | RHUA | Assignee: | James Slagle <jslagle> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | wes hayutin <whayutin> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 2.1 | CC: | kbidarka, sghai, tsanders | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-04-17 19:28:19 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
CORRECTION: Description of problem/How reproducible: Should be When creating the 'RHUI repositories', not 'identity certs' Reference: Support Case 00619715 - RHUA Repository Creation Fail - RESOLVED *** This bug has been marked as a duplicate of bug 809064 *** |
Created attachment 576804 [details] RHUI Log showing unable to load client CA Private Key Description of problem: When creating the RHUI identity cert, The wrong client certificate pass phrase was used; however, rhui-manager reports successfully regenerated RHUI identity certificate, when it fact it does not. Version-Release number of selected component (if applicable): RHUI 2.0.2 How reproducible: When creating the RHUI identity cert, enter the wrong passphrase. Steps to Reproduce: 1. Generate a new RHUI identity cert 2. Enter an invalid client CA passphrase Enter the number of days the RHUI identity certificate will be valid. If the identity certificate ever expires, it will need to be regenerated using rhui-manager [Default: 3650]: ....+++ ..........................................................................+++ Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem: Successfully regenerated RHUI Identity certificate 3. Look in rhui.log for error message (unable to load CA Private Key): (see attachment) Private key creation output Exit Code: 0 writing RSA key Command [openssl x509 -req -days 3650 -in /tmp/rhui-id-Ak1Nbw/identity.csr -CA /etc/pki/rhui/entitlement-ca.crt -CAkey /etc/pki/rhui/entitlement-ca-key.pem -out /tmp/rhui-id-Ak1Nbw/identity.crt -extfile /tmp/rhui-id-Ak1Nbw/identity-extensions.txt -extensions rhui] Certificate creation output Signature ok subject=/CN=Red Hat Update Infrastructure Getting CA Private Key unable to load CA Private Key Actual results: Enter the number of days the RHUI identity certificate will be valid. If the identity certificate ever expires, it will need to be regenerated using rhui-manager [Default: 3650]: ....+++ ..........................................................................+++ Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem: Successfully regenerated RHUI Identity certificate Expected results: Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem: Invalid pass phrase or entitlement CA!!! Please try again Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem: Additional info: