Red Hat Bugzilla – Bug 1469437
subsystem-cert-update command lacks --cert option
Last modified: 2017-09-05 07:25:02 EDT
This bug has been copied from bug #1466073 and has been proposed to be backported to 7.4 z-stream (EUS).
I tested this bug on pki 10.4.1-12.el7_4 build.
Steps i perform to test:
1. Created the certificate request using certutil and /var/lib/pki/topology-02-CA/alias directory.
2. Submitted the certificate request using pki command and caOCSPCert profile and /var/lib/pki/topology-02-CA/alias directory..
3. Approve the certificate request, Save the certificate in the file.
4. Change the OCSP server certificate with the following command:
~ # pki-server subsystem-cert-update ca ocsp_signing -i topology-02-CA --cert /tmp/ocsp_cert.pem
5. Restart the CA instance.
CA instance is started successfully.
Verifying this bug.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.