Bug 971337

Summary: No correct error message is shown when adding SSL with empty content of the key files from website
Product: OpenShift Online Reporter: joycezhang <jinzhang>
Component: WebsiteAssignee: Jessica Forrester <jforrest>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 2.xCC: tfeng, wsun
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-22 15:16:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description joycezhang 2013-06-06 10:08:26 UTC 
Description of problem:
If trying to add SSL for an alias with empty file, no error would be returned.

Version-Release number of selected component (if applicable):
devenv_3326

How reproducible:
always

Steps to Reproduce:
1.Log to openshift web console with a user with SSL Certificates Supported permission. 
2.Add an alias to an app.
3.Add an empty key file for SSL and certificate private key field.

Actual results:
"Alias has been updated" is shown.

Expected results:
Error message "Invalid certificate file" is shown.

Additional info:
It works well from rhc client as below:

# rhc alias update-cert eap11 foo3.bar.com --certificate empty.crt --private-key empty.key -l jinzhang+106
Invalid certificate file: empty.crt is empty
Comment 1 Clayton Coleman 2013-06-07 16:17:46 UTC 
The broker should be returning an error in this case, not the clients.
Comment 2 Lili Nader 2013-06-14 19:10:02 UTC 
The code on broker was recently changed to accommodate for cases where the console sends an empty string for params that are not specified by user.  So the broker now treats empty strings as nil.

Since, the SSL parameters are optional for alias creation and the values are empty (nil) then the alias is created without a certificate and no error is thrown.

We can change the broker back to throwing errors when the values for the following parameters is an empty string.  But the console then should not send empty strings for nil or not specified values.  

ssl_certificate
private_key
pass_phrase
Comment 3 Jessica Forrester 2013-06-18 22:25:53 UTC 
Going to spend time re-writing this area of the code.
Comment 4 openshift-github-bot 2013-06-25 21:55:13 UTC 
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/0f1e06d8ede66b613db946bc5d784203fdaffdca
Bug 971337 - cleanup alias form errors

Add alias views for new and edit

Get existing aliases test cases working with new routing and templates

Add new test cases to cover SSL cert errors for empty or missing files

Grammar corrections for ssl cert messages

Show form errors on alias edit

Add test case for errors on alias edit form

Testcase for create alias with a cert

Rename PersistentConnectionError to ResetConnectionError

Fix typo
Comment 5 Wei Sun 2013-06-27 03:37:42 UTC 
Verified on devenv_3149

After adding SSL for an alias with empty file,it returns "SSL certificate file was empty."