Description of problem:
When ipa-getcert request is triggered with Sub CA using -X argument, then command fails to issue certificate with Sub-CA as issuer.
See console.log for steps involved.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. ipa ca-add
2. ipa-getcert request -k /samplereq1.key -f /samplereq1.crt -X SampleCA1
3. View issued certificate for issuer name
4. View ipa-getcert list -i <request_id> for issuer name
Issuer Name in certificate issued is set to default IPA CA instead of Sub CA
Issuer Name in certificate issued should be set to Sub CA
As per IRC chat with jcholast, https://git.fedorahosted.org/cgit/certmonger.git/tree/src/ipa.c#n384 - here it should say "cacn" instead of "ca"
Certmonger version used ::
Created attachment 1191493 [details]
Patch is available:
Verified using IPA and Certmonger version ::
Marking BZ as verified.
Created attachment 1202711 [details]
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.