Bug 1143941 - RHEV/oVirt compute resource should have CA text field editable
Summary: RHEV/oVirt compute resource should have CA text field editable
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Provisioning
Version: 6.0.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: Unspecified
Assignee: Lukas Zapletal
QA Contact: Tazim Kolhar
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks: 1173228
TreeView+ depends on / blocked
 
Reported: 2014-09-18 09:46 UTC by Lukas Zapletal
Modified: 2017-02-23 20:56 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The Satellite Server could not connect to RHEV/oVirt Compute Resources that had non self-signed CA certificates. To fix this issue, the CA field in Compute Resources can now be edited. Providing the correct CA or CA chain should allow the Satellite Server to connect to the compute resource.
Clone Of:
: 1173228 (view as bug list)
Environment:
Last Closed: 2014-12-11 17:48:05 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1857 normal SHIPPED_LIVE Red Hat Satellite 6 server bug fix update 2014-11-14 03:28:23 UTC
Foreman Issue Tracker 7522 None None None 2016-04-22 16:33:48 UTC
Red Hat Bugzilla 1119420 None None None Never

Internal Links: 1119420

Description Lukas Zapletal 2014-09-18 09:46:17 UTC
Due to bug

https://bugzilla.redhat.com/show_bug.cgi?id=1125933

it is not possible to connect Satellite 6 to RHEV/oVirt instance that has non self-signed server certificate. Meaning: most production instances.

Solution to that problem is pretty straightforward. If we make the CA field editable, users can fix that problem easily by providing the correct CA (or chain of CAs in the correct order).

Also we should add more informative text next to the field (Help popup) explaining how this works.

Comment 2 Lukas Zapletal 2014-09-18 09:49:28 UTC
When working on this bug, test also wildcard cert because I believe this is the root issue of the wildcard problem: https://bugzilla.redhat.com/show_bug.cgi?id=1119420

Comment 4 Bryan Kearney 2014-09-19 08:06:25 UTC
Upstream bug assigned to lzap@redhat.com

Comment 5 Bryan Kearney 2014-10-02 12:07:26 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/7522 has been closed
-------------
Lukas Zapletal
Applied in changeset commit:e944a1b2146a9617757340d5f592ded031e6fea5.

Comment 8 Tazim Kolhar 2014-10-17 12:51:56 UTC
VERIFIED

*** This bug is verified in upstream.  This fix should eventually land in future downstream builds ***

# rpm -qa | grep foreman
foreman-release-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-gce-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-selinux-1.7.0-0.develop.201409301113git2f345de.el6.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3-2.201409091410gitc96619d.git.0.37f3704.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-foreman-proxy-1.0-1.noarch
foreman-postgresql-1.7.0-0.develop.201410150839gitb948163.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-qpid-broker-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-qpid-client-cert-1.0-1.noarch
foreman-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-ovirt-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-vmware-1.7.0-0.develop.201410150839gitb948163.el6.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el6.noarch
ruby193-rubygem-foreman_discovery-1.4.0-0.1.rc4.el6.noarch
rubygem-hammer_cli_foreman-0.1.3-1.201410151235gitbc8c449.el6.noarch
ruby193-rubygem-foreman_bootdisk-4.0.0-1.el6.noarch
foreman-proxy-1.7.0-0.develop.201410101404git7961640.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-puppet-client-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-foreman-client-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-apache-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-parent-cert-1.0-1.noarch
foreman-compute-1.7.0-0.develop.201410150839gitb948163.el6.noarch
ruby193-rubygem-foreman-tasks-0.6.10-1.el6.noarch
foreman-libvirt-1.7.0-0.develop.201410150839gitb948163.el6.noarch


able to connect Satellite 6 to RHEV/oVirt instance
also the CA field is editable

Comment 9 Tazim Kolhar 2014-10-17 12:52:13 UTC
VERIFIED

*** This bug is verified in upstream.  This fix should eventually land in future downstream builds ***

# rpm -qa | grep foreman
foreman-release-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-gce-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-selinux-1.7.0-0.develop.201409301113git2f345de.el6.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3-2.201409091410gitc96619d.git.0.37f3704.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-foreman-proxy-1.0-1.noarch
foreman-postgresql-1.7.0-0.develop.201410150839gitb948163.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-qpid-broker-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-qpid-client-cert-1.0-1.noarch
foreman-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-ovirt-1.7.0-0.develop.201410150839gitb948163.el6.noarch
foreman-vmware-1.7.0-0.develop.201410150839gitb948163.el6.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el6.noarch
ruby193-rubygem-foreman_discovery-1.4.0-0.1.rc4.el6.noarch
rubygem-hammer_cli_foreman-0.1.3-1.201410151235gitbc8c449.el6.noarch
ruby193-rubygem-foreman_bootdisk-4.0.0-1.el6.noarch
foreman-proxy-1.7.0-0.develop.201410101404git7961640.el6.noarch
qe-foreman-rhel65.usersys.redhat.com-puppet-client-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-foreman-client-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-apache-1.0-1.noarch
qe-foreman-rhel65.usersys.redhat.com-parent-cert-1.0-1.noarch
foreman-compute-1.7.0-0.develop.201410150839gitb948163.el6.noarch
ruby193-rubygem-foreman-tasks-0.6.10-1.el6.noarch
foreman-libvirt-1.7.0-0.develop.201410150839gitb948163.el6.noarch


able to connect Satellite 6 to RHEV/oVirt instance
also the CA field is editable

Comment 10 Tazim Kolhar 2014-10-31 13:18:48 UTC
VERIFIED

against z-stream

Comment 12 errata-xmlrpc 2014-11-13 22:29:17 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2014:1857

Comment 13 Yaniv Bronhaim 2014-12-01 12:33:04 UTC
As far as I checked this fix was not merged to satellite 6.0.6

reopening the issue to verify that it gets to latest available 6.0.z

Comment 14 Bryan Kearney 2014-12-01 13:03:56 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/7522 has been closed
-------------
Lukas Zapletal
Applied in changeset commit:e944a1b2146a9617757340d5f592ded031e6fea5.

Comment 18 Mike McCune 2014-12-11 17:24:34 UTC
temp move to MOD for ET

Comment 19 Mike McCune 2014-12-11 17:47:53 UTC
CLOSING as this was included in a prior errata and can't be included in more than one Errata over time.

Cloned to https://bugzilla.redhat.com/show_bug.cgi?id=1173228


Note You need to log in before you can comment on or make changes to this bug.