Bug 845622
Summary: | If an idenity certificate has expired, there should be a friendly error message | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Bryan Kearney <bkearney> |
Component: | subscription-manager | Assignee: | William Poteat <wpoteat> |
Status: | CLOSED ERRATA | QA Contact: | Entitlement Bugs <entitlement-bugs> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 5.10 | CC: | alikins, fsharath, jesusr, jgalipea, jsefler, mstead, sgao, wpoteat |
Target Milestone: | beta | Flags: | jgalipea:
needinfo+
|
Target Release: | 5.10 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 1.8.2 | Doc Type: | Bug Fix |
Doc Text: |
Cause:
Unfriendly error messages being displayed to user.
Consequence:
The unfriendly error messages make it difficult to understand why something failed.
Fix:
Added verbiage to notify users that their identity certificate is expired.
Result:
Now users can see when their identity certificates are expired instead of trying to decipher a cryptic error message.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-30 22:49:36 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 840995, 920191 |
Description
Bryan Kearney
2012-08-03 15:32:25 UTC
I would like to develop test case for the issue, but I can not get more detailed information over the issue, could you help provide the design details of it or detailed test steps on how to verify it? What kind of use case are users seeing bad error messages? For gui stuff at least, we seem to equate an expired cert as an invalid one, and treat it as unregistered. Do we have a suggested path for consumers to take when they have an expired id cert? Technically users shouldn't really see this that often since identity certs *should* get regenerated when the reach the expiry threshold. I think the plan was to just clean up the error messages so that users were more aware as to why the SSL error happened. Subscription Manager commit 8ff80d6e3e7c259e3e089ac8052e6f66dd9e4776 Python-rhsm commit 030d4a7aa3f93f5b2a1709a71170170db597c833 gaoshang: The way I tested this was to register the system, then set the clocks forward after the expiration on the certificate. Adrian: The error was just generic. The only way this scenario occurs is for the machine or rhsmcertd to be off during the expiration time. The path to take is a clean and re-register. Fixed in the 1.8.2 version of subscription-manager or python-rhsm This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release. # rpm -qa | egrep "subscription-manager|python-rhsm" subscription-manager-migration-1.8.6-1.git.7.96019b0.el5 python-rhsm-1.8.9-1.git.7.214419e.el5 subscription-manager-migration-data-1.11.2.7-1.git.0.1dfd00e.el5 subscription-manager-1.8.6-1.git.7.96019b0.el5 subscription-manager-firstboot-1.8.6-1.git.7.96019b0.el5 subscription-manager-gui-1.8.6-1.git.7.96019b0.el5 >>Candlepin: # date Tue Apr 30 9:40:13:80 EST 2013 >>Client: # date Tue Apr 30 9:40:14:13 EST 2013 # subscription-manager register Username: testuser1 Password: Organization: admin The system has been registered with ID: 53515d90-94c0-451e-975e-d1c95f1447bb # date --set "20430501" >> Advancing date by 30 years Fri May 1 00:00:00 EST 2043 >>Candlepin: # date --set "20430501" >> Advancing date by 30 years Fri May 1 00:00:00 EDT 2043 >>Client: # subscription-manager identity Your identity certificate has expired VERIFIED sorry.. I missed the needinfo. It is verified, so I am clearing it now. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1332.html |