Bug 1330566 - Cannot update custom certs with capsule-certs-generate --certs-update-server
Summary: Cannot update custom certs with capsule-certs-generate --certs-update-server
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Installer
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
unspecified
high vote
Target Milestone: Unspecified
Assignee: Stephen Benjamin
QA Contact: Sanket Jagtap
URL:
Whiteboard:
: 1339205 (view as bug list)
Depends On:
Blocks: 1291065
TreeView+ depends on / blocked
 
Reported: 2016-04-26 13:19 UTC by Sanket Jagtap
Modified: 2020-03-25 03:17 UTC (History)
6 users (show)

Fixed In Version: katello-installer-base-3.0.0.43-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-27 11:30:43 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 15158 0 Normal Closed Cannot update custom certs with capsule-certs-generate --certs-update-server 2020-10-19 16:02:30 UTC

Description Sanket Jagtap 2016-04-26 13:19:36 UTC 
Description of problem:
Build: snap 9.1

Version-Release number of selected component (if applicable):


How reproducible:



Steps to Reproduce:
1. Set up satellite 6 with custom certificate following install guide
2. Set up External capsule with custom certificate 
3. try to update the certs on capsule , by using capsule-certs-generate and --certs-update-server option.
Actual results:


Expected results:
The certs should be updated and new capsule-certs.tar should be created

Actual result:

capsule-certs-generate --capsule-fqdn "sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com" --certs-tar /root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.tar --server-cert /root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.crt --server-cert-req /root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.crt.req --server-key /root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.key --server-ca-cert /root/certscap/cacert.crt --certs-update-server
Marking certificate /root/ssl-build/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com-apache for update
Marking certificate /root/ssl-build/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com-foreman-proxy for update
Command '/usr/share/katello-installer-base/bin/katello-certs-check -c "/root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.crt" -r "/root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.crt.req" -k "/root/certscap/sjagtap-capsule.satellite.lab.eng.rdu2.redhat.com.key" -b "/root/certscap/cacert.crt"' exited with 127:
 sh: /usr/share/katello-installer-base/bin/katello-certs-check: No such file or directory
/usr/share/gems/gems/kafo-0.7.3/lib/kafo/hook_context.rb:71:in `exit': private method `exit' called for #<Kafo::KafoConfigure:0x000000029fb1e8> (NoMethodError)
	from /usr/share/katello-installer-base/hooks/pre/20-certs_update.rb:9:in `error'
	from /usr/share/katello-installer-base/hooks/pre/20-certs_update.rb:62:in `block (4 levels) in load'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hooking.rb:34:in `instance_eval'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hooking.rb:34:in `block (4 levels) in load'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hook_context.rb:13:in `instance_exec'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hook_context.rb:13:in `execute'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hooking.rb:51:in `block in execute'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hooking.rb:49:in `each'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/hooking.rb:49:in `execute'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/kafo_configure.rb:373:in `run_installation'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/kafo_configure.rb:149:in `execute'
	from /usr/share/gems/gems/clamp-0.6.2/lib/clamp/command.rb:67:in `run'
	from /usr/share/gems/gems/clamp-0.6.2/lib/clamp/command.rb:125:in `run'
	from /usr/share/gems/gems/kafo-0.7.3/lib/kafo/kafo_configure.rb:156:in `run'
	from /usr/sbin/capsule-certs-generate:49:in `<main>'


Additional info:
Comment 2 Stephen Benjamin 2016-05-24 11:37:27 UTC 
Created redmine issue http://projects.theforeman.org/issues/15158 from this bug
Comment 3 Bryan Kearney 2016-06-06 16:15:20 UTC 
Moving to POST since upstream bug http://projects.theforeman.org/issues/15158 has been closed
Comment 4 Justin Sherrill 2016-06-07 18:19:51 UTC 
*** Bug 1339205 has been marked as a duplicate of this bug. ***
Comment 5 Sanket Jagtap 2016-06-15 09:57:56 UTC 
build : Satellite 6.2 snap 15.2

capsule-certs-generate --capsule-fqdn "xyz.com" --certs-tar /root/certscap/xyz.com.tar --server-cert /root/certscap/xyz.com.crt --server-cert-req /root/certscap/xyz.com.crt.req --server-key /root/certscap/xyz.com.key --server-ca-cert /root/cacertcap.crt --certs-update-server
Marking certificate /root/ssl-build/xyz.com/xyz.com-apache for update
Marking certificate /root/ssl-build/xyz.com/xyz.com-foreman-proxy for update
Installing             Done                                               [100%] [..................................................................................]
  Success!

  To finish the installation, follow these steps:
...
....
Comment 6 Bryan Kearney 2016-07-27 11:30:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1501
Comment 7 Tom 2020-03-25 03:17:29 UTC 
Ran into this issue with capsule 6.6 

I just had to 'mkdir /root/ssl-build/; mkdir /root/ssl-build/$(hostname -f)'
Note You need to log in before you can comment on or make changes to this bug.