Bug 1468348 - [RFE] Offline Certificate Renewal System
Summary: [RFE] Offline Certificate Renewal System
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core
Version: 7.4
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: 7.7
Assignee: Dinesh Prasanth
QA Contact: ipa-qe
: 1372378 1474986 (view as bug list)
Depends On:
Blocks: 1644708 1696849 1472344 1550132 1647919 1669257 1690191
TreeView+ depends on / blocked
Reported: 2017-07-06 19:09 UTC by Matthew Harmsen
Modified: 2019-08-19 07:18 UTC (History)
17 users (show)

Fixed In Version: pki-core-10.5.16-1.el7
Doc Type: No Doc Update
Doc Text:
This tool must be documented in IPA -> See BZ#1690191.
Clone Of:
: 1669257 1690191 1696849 (view as bug list)
Last Closed: 2019-08-06 13:07:17 UTC
dmoluguw: needinfo+

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:2228 None None None 2019-08-06 13:07:49 UTC

Description Matthew Harmsen 2017-07-06 19:09:52 UTC
Current scenario:

    When system certificate expires, we need to rollback date to a valid range   
    and start the renewal process.

Proposed Solution:

    An offline tool which creates temporary certificates to bring up the server
    and using which we can proceed with online renewal process.

Related wiki:

    * http://pki.fedoraproject.org/wiki/Offline_System_Certificate_Renewal

Comment 3 Matthew Harmsen 2017-08-31 18:15:59 UTC
*** Bug 1372378 has been marked as a duplicate of this bug. ***

Comment 4 Matthew Harmsen 2017-09-26 17:32:44 UTC
*** Bug 1474986 has been marked as a duplicate of this bug. ***

Comment 6 Matthew Harmsen 2017-10-25 16:33:04 UTC
[20171025] - RHEL 7.5 / RHCS 9.3 pre-Alpha Offline Triage ==> 7.6

Comment 9 Matthew Harmsen 2018-05-05 00:18:43 UTC
Per RHEL 7.5.z/7.6/8.0 Triage:  7.6 (RPL Candidate)

Comment 12 Fraser Tweedale 2019-03-18 04:55:40 UTC
How to test: https://github.com/dogtagpki/pki/pull/183#issue-261388269

Comment 17 Mohammad Rizwan 2019-05-16 06:29:54 UTC
Identified tier1 test passed. Based on observation in comment#16, marking the bug verified.

Comment 19 errata-xmlrpc 2019-08-06 13:07:17 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.