Bug 1129696 - start-tracking does not saves the CA cert to specified file location
Summary: start-tracking does not saves the CA cert to specified file location
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: certmonger
Version: 6.6
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: Nalin Dahyabhai
QA Contact: Kaleem
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-08-13 13:31 UTC by Kaleem
Modified: 2014-10-14 07:12 UTC (History)
4 users (show)

Fixed In Version: certmonger-0.75.13-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-10-14 07:12:56 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1512 normal SHIPPED_LIVE certmonger bug fix and enhancement update 2014-10-14 01:22:25 UTC

Description Kaleem 2014-08-13 13:31:38 UTC
Description of problem:
start-tracking should fetches and saves CA cert to specified
file location if not already present there.

Version-Release number of selected component (if applicable):
[root@rhel66-master ~]# rpm -q certmonger
certmonger-0.75.10-1.el6.x86_64
[root@rhel66-master ~]# 

How reproducible:


Steps to Reproduce:
1. Place a cert request 
ipa-getcert request -w -v -f /tmp/certs/test.crt -k /tmp/certs/test.key

2. Stop tracking of cert issued in step1 
ipa-getcert stop-tracking -i 20140813065737

3. Start tracking the cert with -F parameter which is supposed to save CA cert to specified location.

ipa-getcert start-tracking -w -v -f /tmp/certs/test.crt -k /tmp/certs/test.key -F /tmp/certs/test-root.crt

Actual results:
No CA cert saved to specified location

[root@rhel66-master certs]# ls
test.crt  test.key
[root@rhel66-master certs]#

Expected results:
CA cert should be saved to specified location.

Comment 4 Kaleem 2014-08-19 04:02:23 UTC
Verified.

certmonger vesion:
=================
[root@rhel66-master certs]# rpm -q certmonger
certmonger-0.75.13-1.el6.x86_64
[root@rhel66-master certs]# 

[root@rhel66-master ~]# ipa-getcert request -w -v -f /tmp/certs/test.crt -k /tmp/certs/test.key
New signing request "20140819035412" added.
State NEWLY_ADDED_READING_KEYINFO, stuck: no.
State GENERATING_CSR, stuck: no.
State SUBMITTING, stuck: no.
State SAVING_CERT, stuck: no.
State MONITORING, stuck: no.
[root@rhel66-master ~]# ipa-getcert stop-tracking -i 20140819035412
Request "20140819035412" removed.
[root@rhel66-master ~]# cd /tmp/certs/
[root@rhel66-master certs]# ls
test.crt  test.key
[root@rhel66-master certs]# ipa-getcert start-tracking -w -v -f /tmp/certs/test.crt -k /tmp/certs/test.key -F /tmp/certs/test-root.crt
New tracking request "20140819035453" added.
State NEWLY_ADDED_READING_CERT, stuck: no.
State MONITORING, stuck: no.
[root@rhel66-master certs]# ipa-getcert list -i 20140819035453
Number of certificates and requests being tracked: 9.
Request ID '20140819035453':
	status: MONITORING
	stuck: no
	key pair storage: type=FILE,location='/tmp/certs/test.key'
	certificate: type=FILE,location='/tmp/certs/test.crt'
	CA: IPA
	issuer: CN=Certificate Authority,O=TESTRELM.TEST
	subject: CN=rhel66-master.testrelm.test,O=TESTRELM.TEST
	expires: 2016-08-19 03:54:13 UTC
	key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
	eku: id-kp-serverAuth,id-kp-clientAuth
	pre-save command: 
	post-save command: 
	track: yes
	auto-renew: yes
[root@rhel66-master certs]# ls
test.crt  test.key  test-root.crt
[root@rhel66-master certs]#

Comment 5 errata-xmlrpc 2014-10-14 07:12:56 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1512.html


Note You need to log in before you can comment on or make changes to this bug.