The behavior of rhn-ssl-tool's hostname/directory-generation logic: command: rhn-ssl-tool --set-hostname chimchim.devel.redhat.com directory generated: ~/ssl-build/chimchim.devel/ command: rhn-ssl-tool --set-hostname chimchim.redhat.com directory generated: ~/ssl-build/chimchim/ command: rhn-ssl-tool --set-hostname chimchim.not_FQDN directory generated: ~/ssl-build/chimchim.not_FQDN/ Case #3 shows where the tool can't "intelligently" determine the machine name so it punts.
Oh... forgot to add... the website does this: command: rhn-ssl-tool --set-hostname chimchim.devel.redhat.com directory generated: ~/ssl-build/chimchim.devel/ command: rhn-ssl-tool --set-hostname chimchim.redhat.com directory generated: ~/ssl-build/chimchim.redhat/ command: rhn-ssl-tool --set-hostname chimchim.not_FQDN directory generated: ~/ssl-build/chimchim.not_FQDN/ I.e., it just picks the first two period deliminated thingies... bad!
De-privatized the bug... no reason to hide it.
Fixed in CVS. Test plan: Run a satellite install with a valid 3-part hostname 'foo.bar.com' - The SSL server key generated should be for 'foo', not 'foo.bar'.
QA push. {ON_DEV,QA_READY} --> ON_QA
Verified -- on test07.rhndev.redhat.com, the ssl-build directly correctly created the certs, and placed them in ssl-build/test07.rhndev
Mass move from PROD_READY to CLOSED:CURRENTRELEASE