Bug 1011768 - Entitlement cert doesnt contain value for "Brand type" and fail to create branded_name file when the cert version set to 1
Summary: Entitlement cert doesnt contain value for "Brand type" and fail to create br...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: subscription-manager
Version: 7.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: candlepin-bugs
QA Contact: John Sefler
URL:
Whiteboard:
Depends On:
Blocks: rhsm-rhel70
TreeView+ depends on / blocked
 
Reported: 2013-09-25 06:12 UTC by Rehana
Modified: 2013-10-11 14:07 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-10-11 14:07:24 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Rehana 2013-09-25 06:12:12 UTC 
Description of problem:
Observed that for the client with cert version less than V3 was not getting Brand type value in the entitlement cert and also the file "branded_name" didnt get created on the client

Version-Release number of selected component (if applicable):
subscription-manager version
server type: Red Hat Subscription Management
subscription management server: 0.8.28-1
subscription-manager: 1.10.2-1.git.20.340ef28.el7
python-rhsm: 1.10.2-1.git.4.3048ab5.el7


How reproducible:
3/3

Steps to Reproduce:
1.Set the "system.certificate_version" to 1 ex: echo '{"system.certificate_version":"1"}' > /etc/rhsm/facts/certversion.facts
2.Do a facts update
3.now auto-attach subscription 
4.[root@localhost pki]# subscription-manager attach --auto
Installed Product Current Status:
Product Name: Awesome OS Server Bits
Status:       Subscribed

[root@localhost pki]# cd entitlement/
[root@localhost entitlement]# rct cc 3617287459656864889.pem |more

+-------------------------------------------+
	Entitlement Certificate
+-------------------------------------------+

Certificate:
	Path: 3617287459656864889.pem
	Version: 1.0
	Serial: 3617287459656864889
	Start Date: 2013-09-25 00:00:00+00:00
	End Date: 2014-09-25 00:00:00+00:00
	Pool ID: Not Available

Subject:
	CN: 8ac6a36241539ee4014153b0f24a152e

Issuer:
	C: US
	CN: 10.70.35.226
	L: Raleigh

Product:
	ID: 37060
	Name: Awesome OS Server Bits
	Version: 6.1
	Arch: ALL
	Tags: 
	Brand Type:   ----->> no value

Order:
	Name: Awesome OS with unlimited virtual guests
	Number: order-8675309
	SKU: awesomeos-virt-unlimited
	Contract: 1
5. Verify the branded_name file
[root@localhost entitlement]# cat /var/lib/rhsm/branded_name 
cat: /var/lib/rhsm/branded_name: No such file or directory


Actual results:
Observed that the entitlement cert did nt had the brand type value, and the branded_name file didnt get created

Expected results:
Should contain the value for brand type and branded_name file should be created regardless of the certificate version

Additional info:
rhsm.log (branding log)
2013-09-25 11:26:47,792 [DEBUG]  @connection.py:460 - Response status: 200
2013-09-25 11:26:47,794 [DEBUG]  @connection.py:420 - Loading CA PEM certificates from: /etc/rhsm/ca/
2013-09-25 11:26:47,795 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-stage.pem'
2013-09-25 11:26:47,795 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/redhat-uep.pem'
2013-09-25 11:26:47,802 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-ca.pem'
2013-09-25 11:26:47,802 [DEBUG]  @connection.py:441 - Making request: GET /candlepin/consumers/ce06b718-b935-447c-9089-ae5dfb4a0dd7/certificates/serials
2013-09-25 11:26:48,020 [DEBUG]  @connection.py:460 - Response status: 200
2013-09-25 11:26:48,021 [DEBUG]  @connection.py:420 - Loading CA PEM certificates from: /etc/rhsm/ca/
2013-09-25 11:26:48,021 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-stage.pem'
2013-09-25 11:26:48,022 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/redhat-uep.pem'
2013-09-25 11:26:48,022 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-ca.pem'
2013-09-25 11:26:48,023 [DEBUG]  @connection.py:441 - Making request: GET /candlepin/consumers/ce06b718-b935-447c-9089-ae5dfb4a0dd7/certificates?serials=3617287459656864889
2013-09-25 11:26:48,182 [DEBUG]  @connection.py:460 - Response status: 200
2013-09-25 11:26:48,209 [DEBUG]  @entbranding.py:47 - BrandInstaller ent_certs:  [3617287459656864889L]
2013-09-25 11:26:48,210 [DEBUG]  @certdirectory.py:204 - Installed product IDs: ['37060']
2013-09-25 11:26:48,210 [DEBUG]  @rhelentbranding.py:124 - 0 entitlement certs with brand info found
2013-09-25 11:26:48,210 [INFO]  @certlib.py:244 - certs updated:
Total updates: 1
Found (local) serial# []
Expected (UEP) serial# [3617287459656864889]
Added (new)
  [sn:3617287459656864889 (Awesome OS Server Bits,) @ /etc/pki/entitlement/3617287459656864889.pem]
Deleted (rogue):
  <NONE>
2013-09-25 11:26:48,238 [DEBUG]  @certdirectory.py:204 - Installed product IDs: ['37060']
2013-09-25 11:26:48,238 [DEBUG]  @connection.py:420 - Loading CA PEM certificates from: /etc/rhsm/ca/
2013-09-25 11:26:48,239 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-stage.pem'
2013-09-25 11:26:48,239 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/redhat-uep.pem'
2013-09-25 11:26:48,239 [DEBUG]  @connection.py:402 - Loading CA certificate: '/etc/rhsm/ca/candlepin-ca.pem'
2013-09-25 11:26:48,240 [DEBUG]  @connection.py:441 - Making request: GET /candlepin/consumers/ce06b718-b935-447c-9089-ae5dfb4a0dd7/compliance
2013-09-25 11:26:48,383 [DEBUG]  @connection.py:460 - Response status: 200

Retested the above scenario with cert version 3.2, observed that the brand type value  was present in the entitlement file, and the branded_name file was created
Comment 1 Bryan Kearney 2013-10-11 14:07:24 UTC 
Branding is a cert v3 feature. RHEL7 should only be using certv3. I am fine with this as is.
Note You need to log in before you can comment on or make changes to this bug.