Bug 1302125 - Simplifying submitting a CSR via CLI
Simplifying submitting a CSR via CLI
Status: NEW
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core (Show other bugs)
Unspecified Unspecified
low Severity unspecified
: rc
: 7.4
Assigned To: Endi Sukma Dewata
Asha Akkiangady
Depends On:
  Show dependency treegraph
Reported: 2016-01-26 16:35 EST by Matthew Harmsen
Modified: 2018-03-02 11:30 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Matthew Harmsen 2016-01-26 16:35:16 EST
Currently when submitting a CSR via CLI the user is still required to specify a request type and a subject DN:

$ pki ca-cert-request-submit \
 --profile caUserCert \
 --csr-file testuser.csr \
 --request-type pkcs10 \
 --subject UID=testuser,O=EXAMPLE

To improve usability, the CLI should obtain the request type and subject DN from the CSR itself. The server should also obtain the information from the CSR directly.

The client may display the request data for confirmation:

$ pki ca-cert-request-submit --profile caUserCert --csr-file testuser.csr
Certificate request:
  Request type     : PKCS #10
    UID            : testuser
    Organization   : EXAMPLE
  Key Type         : RSA
  Key Size         : 2048
Submit certificate request (Y/n)? 

There should also be an option to skip the confirmation:

$ pki ca-cert-request-submit --profile caUserCert --csr-file testuser.csr -y
Comment 2 Fraser Tweedale 2016-01-26 18:38:02 EST
Reopening; I erroneously resolved the upstream ticket
(see https://fedorahosted.org/pki/ticket/1705#comment:5)
Comment 3 Matthew Harmsen 2016-04-20 18:32:14 EDT
Per CS Bug/Ticket Triage held 04/19/2016:  RHEL 7.4

Note You need to log in before you can comment on or make changes to this bug.