Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1314418 - katello should not install sha1 certificates
Summary: katello should not install sha1 certificates
Keywords:
Status: CLOSED DUPLICATE of bug 1296301
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Installation
Version: 6.1.7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: Unspecified
Assignee: Katello Bug Bin
QA Contact: Katello QA List
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-03-03 14:46 UTC by Stephen Wadeley
Modified: 2016-04-07 07:24 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-07 07:24:29 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Stephen Wadeley 2016-03-03 14:46:03 UTC
Description of problem:

When opening NoVNC console I see error in web UI "WebSock error: [object Event]"

Firefox browser console shows:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1

Then I noticed certificates are still sha1

[root@rhel7-1-sat6 ~]# openssl x509 -in /etc/pki/katello/certs/katello-apache.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10857288126450870211 (0x96acd606d12ba7c3)
    Signature Algorithm: sha1WithRSAEncryption



Version-Release number of selected component (if applicable):


[root@rhel7-1-sat6 ~]# rpm -q katello-installer
katello-installer-2.3.25-1.el7sat.noarch

[root@rhel7-1-sat6 ~]# rpm -q foreman
foreman-1.7.2.53-1.el7sat.noarch

How reproducible:
All the time

Steps to Reproduce:
1.  I have been following[1] Foreman Docs, LibVirt Notes.
 http://theforeman.org/manuals/1.9/index.html#5.2.5LibvirtNotes
to configure Sat6 to connect to libvirt

2. Create https://rhel7-1-sat6.example.com/compute_resources

3. https://rhel7-1-sat6.example.com/compute_resources/1-my-test-compute/vms/cc346ba9-e054

4. Try to open console

Actual results:

"WebSock error: [object Event]"

Expected results:

VNC console to my VM

Additional info:

https://github.com/Katello/katello-certs-tools/commit/b68836ab1b70d085691168dbc3748769c405e522

Comment 2 Stephen Wadeley 2016-04-07 07:24:29 UTC
Hello

This bug was first:

Bug 1296301 - Katello-installer and capsule-certs-generate sign certificates with sha1


===============
https://bugzilla.redhat.com/show_bug.cgi?id=1296301#c9
 Kedar Bidarkar 2016-04-01 14:36:56 EDT

VERIFIED with sat62-snap6


=================

Closing as duplicate.

*** This bug has been marked as a duplicate of bug 1296301 ***


Note You need to log in before you can comment on or make changes to this bug.