Bug 1468348 - [RFE] Offline Certificate Renewal System
Summary: [RFE] Offline Certificate Renewal System
Status: VERIFIED
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core
Version: 7.4
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: rc
: 7.7
Assignee: Dinesh Prasanth
QA Contact: ipa-qe
Marc Muehlfeld
URL:
Whiteboard:
Keywords: FutureFeature, TestCaseProvided
: 1372378 1474986 (view as bug list)
Depends On:
Blocks: 1644708 1669257 1690191 1696849 1472344 1550132 1647919
TreeView+ depends on / blocked
 
Reported: 2017-07-06 19:09 UTC by Matthew Harmsen
Modified: 2019-05-16 06:29 UTC (History)
17 users (show)

(edit)
This tool must be documented in IPA
Clone Of:
: 1669257 1690191 1696849 (view as bug list)
(edit)
Last Closed:
dmoluguw: needinfo+


Attachments (Terms of Use)

Description Matthew Harmsen 2017-07-06 19:09:52 UTC
Current scenario:

    When system certificate expires, we need to rollback date to a valid range   
    and start the renewal process.

Proposed Solution:

    An offline tool which creates temporary certificates to bring up the server
    and using which we can proceed with online renewal process.

Related wiki:

    * http://pki.fedoraproject.org/wiki/Offline_System_Certificate_Renewal

Comment 3 Matthew Harmsen 2017-08-31 18:15:59 UTC
*** Bug 1372378 has been marked as a duplicate of this bug. ***

Comment 4 Matthew Harmsen 2017-09-26 17:32:44 UTC
*** Bug 1474986 has been marked as a duplicate of this bug. ***

Comment 6 Matthew Harmsen 2017-10-25 16:33:04 UTC
[20171025] - RHEL 7.5 / RHCS 9.3 pre-Alpha Offline Triage ==> 7.6

Comment 9 Matthew Harmsen 2018-05-05 00:18:43 UTC
Per RHEL 7.5.z/7.6/8.0 Triage:  7.6 (RPL Candidate)

Comment 12 Fraser Tweedale 2019-03-18 04:55:40 UTC
How to test: https://github.com/dogtagpki/pki/pull/183#issue-261388269

Comment 17 Mohammad Rizwan 2019-05-16 06:29:54 UTC
Identified tier1 test passed. Based on observation in comment#16, marking the bug verified.


Note You need to log in before you can comment on or make changes to this bug.