Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1454955

Summary: Configuring Attribute Encryption should mention the removal of AES and 3DES configuration parameters before the import
Product: Red Hat Directory Server Reporter: Asha Akkiangady <aakkiang>
Component: Doc-administration-guideAssignee: Marc Muehlfeld <mmuehlfe>
Status: CLOSED CURRENTRELEASE QA Contact: Viktor Ashirov <vashirov>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 10.1CC: mreynolds, rhel-docs
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-07-13 07:06:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1451460    
Bug Blocks:    

Description Asha Akkiangady 2017-05-23 21:15:41 UTC 
Description of problem:
RHDS documentation for Configuring Attribute Encryption should mention the removal of AES and 3DES configuration parameters before the re-import

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html-single/Administration_Guide/index.html#Creating_and_Maintaining_Databases-Database_Encryption 

2.2.3.6. Exporting and Importing an Encrypted Database should have instructions to remove the AES and 3DES entries for encryption from the configuration files before the re-import.

Re-import worked only after I removed following parameters from dse.ldif, there are other related issues mentioned in bug https://bugzilla.redhat.com/show_bug.cgi?id=1451460#c6

dn: cn=AES,cn=encrypted attribute keys,cn=CC-NonTMS-LDAP,cn=ldbm database,cn=p
 lugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: AES
nsSymmetricKey:: Yd+hmMyTJa0LH1bOcscyI2ZICCKry410HRM9I9yobqj3IpCjd2+UUEss00ow5
 4vq3ndpqngqx3ALJDhZg7E9gofjuhJH82q3qVlj19oFCMeIbcnsOs+4yfRs0hIqdMZZf+1lv2KJ5R
 Q5qEmg+VUhDUoNLNaTeK+FEMI6yL5N/1/Yj54Mm/Ab8pK+/SReyMbTT/5V9RhaufDEk1bhGGiUpj8
 TjS8FYrenatREJLu5u/+75ELVyBdrl9HJy9TRI3OeleLJOMH02aan3sHOSyQX2JzvYsY3uP9F1ZnZ
 TkiXYrJ0Jsa/P6U66lNMO4eqJtGS5rQ2WV47wJeURO7MQrNWuw==
creatorsName: cn=ldbm database,cn=plugins,cn=config
modifiersName: cn=ldbm database,cn=plugins,cn=config
createTimestamp: 20170516234010Z
modifyTimestamp: 20170516234010Z

dn: cn=AES,cn=encrypted attribute keys,cn=userRoot,cn=ldbm database,cn=plugins
 ,cn=config
objectClass: top
objectClass: extensibleObject
cn: AES
nsSymmetricKey:: ejJuU1sIye8Tq6iS9Qs4Pv3U0r3P/uKApkNr2kPpdvaIbHa3iluiGNNA4ibCQ
 X09GKGLIRUltN3Kc4oJNv3hzBAqan6bnxffv10l4zKXfl02eTSc5nJsjYuPyy0p09ncUrTDAfT7YG
 bCzWyiJocE8kqVGKpA0YllaZj+S6M3HD15ci4TnTwFii+XrwxeXqfyDAE+Q14+ztJNgClDb3r1p3K
 JeZ11r9zog8SW8PFEg2MF7LuqIxj5zUDoVIMF59g/qE34bCWIpn1/41uOUHmdqG8/7E8Fk7AS1CqB
 OWCRE5FoFJHsxWZUOtcVPxsJfDOXWVglIrbIGnEOc0CQu6tSHw==
creatorsName: cn=ldbm database,cn=plugins,cn=config
modifiersName: cn=ldbm database,cn=plugins,cn=config
createTimestamp: 20170516215857Z
modifyTimestamp: 20170516215857Z

dn: cn=3DES,cn=encrypted attribute keys,cn=userRoot,cn=ldbm database,cn=plugin
 s,cn=config
objectClass: top
objectClass: extensibleObject
cn: 3DES
nsSymmetricKey:: hGouIHD/dpcCIRGPZWDnxDFDfXLdxtvG6xhRSFYAxM8xIxZzeh2TKxmT/LKOD
 3juEjrp0ZcW4cIsKfw6ZU6L1b9b/i1M+pQFUsNGkIl7v3yftBYyNRhtGi+/fvwAq8LxevbYLg0cAV
 tg+0X3nENfRnfx9hNcXhTE/RT0/mWojeBRk7lmD74cvpkqWL7j5A9bojkNM2uN5P7M7aUZIBMHwHk
 NzHZXRKgDTiWg6IXKaE0BTMHkUKMuK78bpYiu2DU4alDhvBXc5KjMaLSHj5H132tTtgcQEyIQ4tX+
 5tuT/Bsh4wx+WWJHJbRQh7jNRp7ahNiskFbeyWvUgTMEy0nqww==
creatorsName: cn=ldbm database,cn=plugins,cn=config
modifiersName: cn=ldbm database,cn=plugins,cn=config
createTimestamp: 20170516215858Z
modifyTimestamp: 20170516215858Z

dn: cn=3DES,cn=encrypted attribute keys,cn=CC-NonTMS-LDAP,cn=ldbm database,cn=
 plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: 3DES
nsSymmetricKey:: AmQ9ct7QghrkACYOuJ3eh6FHW/NR+TyAPjBDXYgkrK5Fqx0IGQphYNd1vVn4s
 7S4zniG5j0vJj73nAPeyBOs4CAi587S+/W3XMh8Q/O1VHaNHF5KvsI+OE/GpJndv40ERfcjdKtW2J
 tivQ2Cw4T4PXxK6vzGp9dMW21RGjCaqvt4mQbVw2bHAxbnHXHVsX9qXW5qwuyYo/Zy9BjqrAQKkI5
 KJQIueteD3x3rsbLY7Thk3jMD3n68vv5uGRmb9OUiVMkU9veOinulBTYDKlWwssJPLOHou0QZnVl9
 vPKjbqI5CJBG1xVtFWot960DkC0NJHZ6/PaHwVL8WDSYPfadpA==
creatorsName: cn=ldbm database,cn=plugins,cn=config
modifiersName: cn=ldbm database,cn=plugins,cn=config
createTimestamp: 20170516234010Z
modifyTimestamp: 20170516234010Z


Actual results:


Expected results:


Additional info:
Comment 4 Marc Muehlfeld 2017-07-13 07:06:25 UTC 
The update is now available on the Customer Portal.