1191693 – Product certificate 167.pem states "Cloudforms 2.1" as the product which is incorrect / outdated

Bug 1191693 - Product certificate 167.pem states "Cloudforms 2.1" as the product which is incorrect / outdated

Summary: Product certificate 167.pem states "Cloudforms 2.1" as the product which is i...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Release Engineering
Sub Component:
Version:	5.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	GA
Target Release:	5.3.4
Assignee:	John Prause
QA Contact:	Jan Krocil
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1193522
TreeView+	depends on / blocked

Reported:	2015-02-11 18:47 UTC by Jan Krocil
Modified:	2015-05-06 19:23 UTC (History)
CC List:	6 users (show)
Fixed In Version:	5.3.4.1
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1193522 (view as bug list)
Environment:
Last Closed:	2015-04-29 13:19:04 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Registered CFME appliance as seen in Sat6 (content hosts page) (25.28 KB, image/png) 2015-02-11 18:47 UTC, Jan Krocil	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:0890	0	normal	SHIPPED_LIVE	cfme (5.3.4) bug fix and enhancement update	2015-04-29 17:18:32 UTC

Description Jan Krocil 2015-02-11 18:47:17 UTC

Created attachment 990607 [details]
Registered CFME appliance as seen in Sat6 (content hosts page)

Description of problem:
Product certificate 167.pem states "Cloudforms 2.1" as the product which is incorrect / outdated

Version-Release number of selected component (if applicable):
5.3.3.1 - 5.3.3.1.20150210145146_14d1c48

How reproducible:
-

Steps to Reproduce:
Run the following on an appliance:
# openssl x509 -in /etc/pki/product/167.pem -text -noout
This gives you:
...
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            1.3.6.1.4.1.2312.9.1.167.1: 
                ..Red Hat CloudForms
            1.3.6.1.4.1.2312.9.1.167.2: 
                ..2.1
            1.3.6.1.4.1.2312.9.1.167.3: 
                ..x86_64
            1.3.6.1.4.1.2312.9.1.167.4: 
                ..
...

Actual results:
Registered appliance appears as "Red Hat Cloudforms 2.1" in Satellite 6 which is incorrect and could confuse our customers.

Expected results:
CFME appears as "Red Hat Cloudforms 3.1" or whatever the correct version is when this is fixed.

Additional info:

Comment 2 Russell Laliberte 2015-02-12 13:13:44 UTC

Will Investigate

Comment 3 Russell Laliberte 2015-02-13 15:44:22 UTC

The cert pulled into the 5.3 image at build time is out of date;
I will provide an updated cert to the CFME dev team.
 
FYI - The certs in the production channels are correct

Comment 6 Russell Laliberte 2015-02-23 19:45:23 UTC

The cert pulled into the CFME image(s) during image creation was out of date and referenced an older release. 


A customer could have seen this in the image if they attempted to read the cert file.

Comment 7 Jan Krocil 2015-03-12 14:18:24 UTC

Reopening, still an issue in 5.3.3.2 - 5.3.3.2.20150217120931_a465215.

Comment 8 Russell Laliberte 2015-03-16 12:56:18 UTC

Assigning bug to jprause; the updated certs have been provided;
Needs to be integrated into the build

Comment 12 John Prause 2015-03-19 13:48:48 UTC

This issue is now fixed, and will show up in the 5.3.4.1 build.

While the updated cert information was added to the kickstart files,...the options.yml points to the master branch as a default.

Since the master branch kickstart files were not updated (just yet), the options.yml pointed to older KS files.

Modified the 5.3 options.yml kickstart_sha to point the 5.3.3.2 tag,..ran another test build, and the resultant appliances now have correct cert info.

Comment 15 Jan Krocil 2015-04-22 08:36:33 UTC

Verified fixed in 5.3.4.2 - 5.3.4.2.20150415125246_f5d5c91.

"""
1.3.6.1.4.1.2312.9.1.167.1: 
    ..Red Hat CloudForms
1.3.6.1.4.1.2312.9.1.167.2: 
    ..3.1
1.3.6.1.4.1.2312.9.1.167.3: 
    ..x86_64
"""

Comment 17 errata-xmlrpc 2015-04-29 13:19:04 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0890.html

Note You need to log in before you can comment on or make changes to this bug.