Bug 1314418 - katello should not install sha1 certificates
katello should not install sha1 certificates
Status: CLOSED DUPLICATE of bug 1296301
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Installer (Show other bugs)
6.1.7
Unspecified Unspecified
unspecified Severity unspecified (vote)
: Unspecified
: --
Assigned To: Katello Bug Bin
Katello QA List
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-03 09:46 EST by Stephen Wadeley
Modified: 2016-04-07 03:24 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-07 03:24:29 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Stephen Wadeley 2016-03-03 09:46:03 EST
Description of problem:

When opening NoVNC console I see error in web UI "WebSock error: [object Event]"

Firefox browser console shows:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1

Then I noticed certificates are still sha1

[root@rhel7-1-sat6 ~]# openssl x509 -in /etc/pki/katello/certs/katello-apache.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10857288126450870211 (0x96acd606d12ba7c3)
    Signature Algorithm: sha1WithRSAEncryption



Version-Release number of selected component (if applicable):


[root@rhel7-1-sat6 ~]# rpm -q katello-installer
katello-installer-2.3.25-1.el7sat.noarch

[root@rhel7-1-sat6 ~]# rpm -q foreman
foreman-1.7.2.53-1.el7sat.noarch

How reproducible:
All the time

Steps to Reproduce:
1.  I have been following[1] Foreman Docs, LibVirt Notes.
 http://theforeman.org/manuals/1.9/index.html#5.2.5LibvirtNotes
to configure Sat6 to connect to libvirt

2. Create https://rhel7-1-sat6.example.com/compute_resources

3. https://rhel7-1-sat6.example.com/compute_resources/1-my-test-compute/vms/cc346ba9-e054

4. Try to open console

Actual results:

"WebSock error: [object Event]"

Expected results:

VNC console to my VM

Additional info:

https://github.com/Katello/katello-certs-tools/commit/b68836ab1b70d085691168dbc3748769c405e522
Comment 2 Stephen Wadeley 2016-04-07 03:24:29 EDT
Hello

This bug was first:

Bug 1296301 - Katello-installer and capsule-certs-generate sign certificates with sha1


===============
https://bugzilla.redhat.com/show_bug.cgi?id=1296301#c9
 Kedar Bidarkar 2016-04-01 14:36:56 EDT

VERIFIED with sat62-snap6


=================

Closing as duplicate.

*** This bug has been marked as a duplicate of bug 1296301 ***

Note You need to log in before you can comment on or make changes to this bug.