Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1249288

Summary: Setting custom certificates require running capsule-certs-generate and capsule-installer
Product: Red Hat Satellite Reporter: Pavel Moravec <pmoravec>
Component: Docs Install GuideAssignee: Russell Dickenson <rdickens>
Status: CLOSED CURRENTRELEASE QA Contact: Brandi Munilla <bmcelvee>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1.0CC: adahms, bkearney, cdonnell, chrobert, dmoessne, inecas, mrichter, pdwyer, pmoravec, rdickens, sauchter, vgunasek
Target Milestone: UnspecifiedKeywords: Reopened
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-03 23:26:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1296845    

Description Pavel Moravec 2015-08-01 10:19:17 UTC 
Document URL: 
https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.1/html-single/Installation_Guide/index.html#sect-Red_Hat_Satellite-Installation_Guide-Installing_Red_Hat_Satellite_Server-Running_the_Installation_and_Configuration_Program-Other_Configuration_Options


Section Number and Name: 
Procedure 2.6. To Set a Custom Server Certificate after running katello-installer:


Describe the issue: 
When updating SSL certificates on the Satellite, I think capsule certs must be regenerated and capsule updated appropriately. These steps are missing in the procedure.


Suggestions for improvement:
Add step 3 (to re-run capsule-certs-generate on Satellite and to scp the tarball with certificates to all capsules) and step 4 (to re-run capsule-installer on all capsules).

Additional information:
Comment 8 Ivan Necas 2015-08-31 15:09:24 UTC 
What about, instead of adding addition steps into the first procedure, linking to the section "6.4.2.1. Configuring Red Hat Satellite Capsule Server with a Custom Server Certificate" and noting that it's needed to do so in case the CA changed.
Comment 21 Ivan Necas 2015-09-17 16:05:49 UTC 
Works for me, for the future reviews, it would help to see the diff, when the changes are introduced: it makes the review easier.
Comment 55 Mike McCune 2016-03-28 23:24:30 UTC 
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune with any questions
Comment 69 Andrew Dahms 2016-08-17 01:48:10 UTC 
*** Bug 1361247 has been marked as a duplicate of this bug. ***
Comment 74 Andrew Dahms 2016-10-13 00:43:48 UTC 
*** Bug 1219641 has been marked as a duplicate of this bug. ***
Comment 92 Brandi Munilla 2016-11-17 15:17:35 UTC 
*** Bug 1364483 has been marked as a duplicate of this bug. ***