Description of problem: Running the command capsule-certs-generate command with the "--ca-common-name" flag is not making the changes in the generated capsule certificate. Version-Release number of selected component (if applicable): - Red Hat Satellite v 6.1.9 How reproducible: - Always Steps to Reproduce: 1. Install a Satellite server with the hostname "satellite6-1.example.com". 2. Run the capsule certificate generate command as below. ------ # capsule-certs-generate --capsule-fqdn capsule.example.com --certs-tar ~/capsule.example.com-certs.tar --parent-fqdn satellite6-2.example.com --ca-common-name satellite6-2.example.com ------ Actual results: - Capsule certificates are generated with the Satellite FQDN (satellite6-1.example.com). Expected results: - Capsule certificates should have the FQDN of the Satellite server hostname given in the command. Additional info:
Created redmine issue http://projects.theforeman.org/issues/16937 from this bug
Fixed upstream: Command: [root@centos7 ~]# foreman-proxy-certs-generate --foreman-proxy-fqdn capsule.example.com --certs-tar /root/certs.tar --parent-fqdn centos7.example.com --ca-common-name centos7.example.com Cert: [root@centos7 capsule.example.com]# openssl x509 -in capsule.example.com-apache.crt -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 12862015082119411095 (0xb27f0e924171b597) Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=North Carolina, L=Raleigh, O=Katello, OU=SomeOrgUnit, CN=centos7.example.com Validity Not Before: Jan 18 21:17:31 2017 GMT Not After : Jan 20 21:17:31 2037 GMT Subject: C=US, ST=North Carolina, O=Default_Organization, OU=SomeOrgUnit, CN=capsule.example.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:bd:ee:4c:4c:fb:96:f9:00:b1:f9:af:b1:fb:1a: 16:b7:02:a9:d1:1b:f9:13:3a:b5:e2:3a:ca:0a:62: 26:d9:f4:00:af:e2:c6:a8:cc:f9:95:91:78:f8:e9: 5f:b5:73:0b:68:63:4c:40:21:83:b5:e1:b5:0f:cb: e8:d3:2c:12:ec:f7:19:a6:90:be:12:3f:8c:2d:18: 1a:3c:b5:c1:ed:af:33:cb:f7:40:ac:37:e5:ff:8a: ea:99:97:ae:35:2b:79:5b:98:b8:dd:e1:e0:a1:fe: e8:e2:b6:45:97:a8:86:f5:fb:4c:3c:72:c2:13:5c: 2b:9e:fb:09:df:d2:91:e7:e3:da:77:60:90:a9:e2: 01:3c:fd:57:94:b8:f3:e2:da:80:be:6a:5b:57:b4: be:77:57:ba:1f:73:4a:06:cb:61:91:bc:61:aa:5f: 96:71:9e:39:df:91:da:c8:5c:b0:5a:16:3a:ab:aa: 49:bf:73:26:14:79:bd:1b:1f:0a:1d:d5:b5:2c:56: a7:ed:3a:e8:49:77:80:93:06:d2:04:92:d6:a4:04: 4c:42:69:39:34:6e:0e:14:6d:97:cd:ae:32:4f:d6: cb:1b:c1:72:45:16:2a:97:f2:c1:a8:a3:05:7a:b0: 7e:b5:9f:12:db:5a:4c:49:f2:18:a0:c6:41:cc:16: 4d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Netscape Cert Type: SSL Server Netscape Comment: Katello SSL Tool Generated Certificate X509v3 Subject Key Identifier: 61:B5:9E:21:DD:6C:7C:DB:02:D7:8F:10:35:A4:12:9F:76:80:A7:B8 X509v3 Authority Key Identifier: keyid:B9:6F:DA:FF:E1:11:82:BD:84:6F:34:6C:B9:A3:88:95:2C:7B:D0:55 DirName:/C=US/ST=North Carolina/L=Raleigh/O=Katello/OU=SomeOrgUnit/CN=centos7.example.com serial:B2:7F:0E:92:41:71:B5:8A X509v3 Subject Alternative Name: DNS:capsule.example.com Signature Algorithm: sha256WithRSAEncryption 90:a3:d3:a7:cb:28:48:4b:75:f7:4a:cd:db:eb:d7:bd:1e:c4: 97:65:1e:93:27:e4:7f:6c:f4:8d:a4:0c:a1:d5:5c:07:b3:f7: 17:9b:99:e9:4d:89:ed:0f:dd:28:74:55:4b:41:56:b3:05:cb: 2e:ea:46:ef:87:de:0e:82:7c:72:e2:d9:30:d8:15:75:1d:57: 97:fb:2d:25:70:5b:a3:dc:01:86:16:5a:34:b4:35:5e:98:ac: 2b:5f:e3:05:09:12:ee:9e:aa:6c:da:ae:f0:fd:90:70:17:7b: 28:57:8e:31:b1:ef:53:71:55:ea:3f:e8:15:1e:aa:0b:80:1d: a4:bf:32:b6:ae:e5:73:56:24:49:c4:d1:6d:4e:05:48:1a:f9: d0:e6:10:07:c3:8d:ae:49:84:39:3e:a0:00:10:01:33:62:b9: f8:03:05:1c:e4:a4:6f:66:3f:14:18:d1:de:b1:86:ab:94:42: d7:09:20:07:a4:8f:b2:5d:39:b9:5a:49:e4:7d:f8:b7:ea:95: 1d:62:04:da:cb:bd:43:2d:85:a7:37:be:bf:7e:e6:41:0d:8a: 06:5d:8a:45:41:b9:8d:a2:6a:92:cb:40:6c:6f:76:42:16:43: b1:36:20:e5:f9:6f:85:f6:32:20:44:99:be:50:59:1b:95:e3: cb:07:8c:44 Marking this as CLOSED UPSTREAM