Description of problem: Currently when providing custom signed certificates to either the `statellite-installer --scenario satellite` or the `capsule-certs-generate` they both require the CSR to be given either via `--certs-server-cert-req` or `--server-cert-req` respectively. Even though the commands require a CSR to be given there is no reason to require the CSR and additionally so if you just pass a blank file everything works fine. Therefor the requirement of specifying the CSR should be removed since it appears not to be used for anything and Satellite users do not always have access to the CSR. Version-Release number of selected component (if applicable): 6.2.6 How reproducible: Always Steps to Reproduce: 1. Call statellite-installer --scenario satellite without --certs-server-cert-req when giving custom signed certificate 2. failure or 1. Call statellite-installer --scenario satellite with empty file passed to --certs-server-cert-req when giving custom signed certificate 2. Succeeds or 1. Call capsule-certs-generate --scenario satellite without --server-cert-req when giving custom signed certificate 2. failure or 1. Call satellite-installer --scenario satellite with empty file passed to --server-cert-req when giving custom signed certificate 2. Succeeds Actual results: If giving a custom signed key/cert pair to the satellite-installer or capsule-certs-generate commands without passing the CSR the commands will fail. If you pass empty CSR files in these cases they will succeed. Expected results: Since the CSR appears to do nothing, since an empty file can be given, this should not be a requirment of the satellite-installer or capsule-certs-generate commands when providing custom signed key/cert. Additional Info: A customer rain into this because their PKI team generates and signs CSRs based on given parameters and then only gives back the cert/key without the CSR. Since the CSR does not appear to actually be needed by Satellite then it should not be a required parameter.
This bugzilla is duplicate of - https://bugzilla.redhat.com/show_bug.cgi?id=1233431
Thank you Ashish, closing as duplicate. *** This bug has been marked as a duplicate of bug 1233431 ***