Hide Forgot
Description of problem: The satellite-installer option "--certs-regenerate-ca" does not do what one would expect. Version-Release number of selected component (if applicable): 6.2.4 How reproducible: Every time. Steps to Reproduce: 1. Install Satellite using satellite-installer and any applicable options 2. Try to regenerate the CA certificate by running: satellite-installer --certs-regenerate-ca true <any other certs options...> 3. verify the new CA certificate, and notice how it has not been remade. Look in /root/ssl-build, in /var/www/html/pub and /etc/pki/pulp, etc/pki/katello... Actual results: The CA certificate has not been regenerated. Expected results: The CA certificate is regenerated. Additional info: The default satellite-installer installs a CA certificate with Country=US, State=North Carolina and City=Raleigh (where a well known Open Source company is located). It is possible to override this during a first time install, but if errors are made it is not possible to rerun the installer in a way that regenerates the CA certificate, even though satellite-installer --help suggests you can.
Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the forseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.