Hide Forgot
Previously, the "getcert list" command did not display the "pre-save command" and "post-save command" values. As a consequence, running "getcert list" could return incomplete results. With this update, the problem has been fixed, and running "getcert list" displays the "pre-save command" and "post-save command" values as expected. (BZ#1178190)
Description of problem: getcert list no longer displays the pre and post-save commands. The labels are there but not the contents. I confirmed that the values are there in /var/lib/certmonger/requests. With version certmonger-0.61-3.el6: Request ID '20150102143632': status: MONITORING stuck: no key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt' certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB' CA: IPA issuer: CN=Certificate Authority,O=EXAMPLE.COM subject: CN=pacer.example.com,O=EXAMPLE.COM expires: 2017-01-02 14:36:32 UTC eku: id-kp-serverAuth,id-kp-clientAuth pre-save command: post-save command: /usr/lib64/ipa/certmonger/restart_httpd track: yes auto-renew: yes And certmonger-0.75.13-1.el6: Request ID '20150102143632': status: MONITORING stuck: no key pair storage: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB',pinfile='/etc/httpd/alias/pwdfile.txt' certificate: type=NSSDB,location='/etc/httpd/alias',nickname='Server-Cert',token='NSS Certificate DB' CA: IPA issuer: CN=Certificate Authority,O=EXAMPLE.COM subject: CN=pacer.example.com,O=EXAMPLE.COM expires: 2017-01-02 14:36:32 UTC key usage: digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment eku: id-kp-serverAuth,id-kp-clientAuth pre-save command: post-save command: track: yes auto-renew: yes Version-Release number of selected component (if applicable): certmonger-0.75.13-1.el6
Verified. Certmonger version: ------------------- [root@dhcp207-188 ~]# rpm -q certmonger certmonger-0.77.1-1.el6.x86_64 [root@dhcp207-188 ~]# Snip from automation log: ------------------------- :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: certmonger_bz1178190 - pre and post commands do not display in getcert list :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ BEGIN ] :: Creating tmp directory :: actually running 'TmpDir=`mktemp -d`' :: [ PASS ] :: Creating tmp directory (Expected 0, got 0) :: [ BEGIN ] :: running getcert to check pre/post commands in output :: actually running 'getcert list | grep command: > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1' :: [ PASS ] :: running getcert to check pre/post commands in output (Expected 0, got 0) :: [ PASS ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre-save command: /usr/lib64/ipa/certmonger/stop_pkicad' :: [ PASS ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post-save command: /usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"' :: [ BEGIN ] :: running getcert to check pre/post commands in output :: actually running 'grep _command /var/lib/certmonger/requests/* > /tmp/tmp.jE9I8Pg81L/bz1178190.txt 2>&1' :: [ PASS ] :: running getcert to check pre/post commands in output (Expected 0, got 0) :: [ PASS ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'pre_certsave_command=/usr/lib64/ipa/certmonger/stop_pkicad' :: [ PASS ] :: File '/tmp/tmp.jE9I8Pg81L/bz1178190.txt' should contain 'post_certsave_command=/usr/lib64/ipa/certmonger/renew_ca_cert "auditSigningCert cert-pki-ca"'
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1379.html