Bug 1590942 - CMCResponse treats -d as optional
Summary: CMCResponse treats -d as optional
Keywords:
Status: ON_QA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: pki-core
Version: 8.3
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: rc
: ---
Assignee: Alex Scheel
QA Contact: Asha Akkiangady
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-06-13 17:12 UTC by Geetika Kapoor
Modified: 2021-01-20 17:50 UTC (History)
6 users (show)

Fixed In Version: pki-core-10.6-8040020210114180044.d4d99205
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Gitlab dogtagpki/pki/-/blob/master/tests/dogtag/pytest-ansible/pytest/ca/bugzilla/test_bug_1590942_1584550.py None None None 2021-01-18 11:32:49 UTC

Description Geetika Kapoor 2018-06-13 17:12:55 UTC 
Description of problem:

Man pages of CMCResponse says:

-d <path>
              Path of directory to the NSS database. This option is required.

But without specifying "-d" in cli , it shows the cert.So i think "-d" can be treated as optional.

# CMCResponse  -i cmc.sys_subca_pkcs10.resp
Certificates: 
    Certificate: 
        Data: 
            Version:  v3
            Serial Number: 0x5D0C698
            Signature Algorithm: SHA384withEC - 1.2.840.10045.4.3.3
            Issuer: CN=CA Signing Certificate,OU=gkapoor_RHCS75_update2_ecc,O=Example-rhcs92-CA-ecc
            Validity: 
                Not Before: Friday, May 25, 2018 6:33:27 AM EDT America/New_York
                Not  After: Tuesday, May 25, 2038 6:33:27 AM EDT America/New_York
            Subject: CN=CA Signing Certificate,OU=gkapoor_RHCS75_update2_ecc,O=Example-rhcs92-CA-ecc
            Subject Public Key Info: 
                Algorithm: EC - 1.2.840.10045.2.1

Not sure if we want -d as mandatory or optional.
If we want it as optional, need to change man pages else code change will be needed.

Version-Release number of selected component (if applicable):

10.5 update 2

How reproducible:
always 

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Matthew Harmsen 2018-07-04 00:44:39 UTC 
Moved to RHEL 7.7.
Comment 7 Alex Scheel 2021-01-07 16:39:00 UTC 
Pull request upstream: https://github.com/dogtagpki/pki/pull/3423
Comment 8 Alex Scheel 2021-01-11 17:19:37 UTC 
Checked in master:

commit 28a262c6c6b87b4111ff6c051ff6c5a4bf735b7f (upstream/master, origin/master, origin/HEAD, master)
Author: Alexander Scheel <ascheel@redhat.com>
Date:   Thu Jan 7 11:37:28 2021 -0500

    Fix usage for CMCResponse -d
    
    Signed-off-by: Alexander Scheel <ascheel@redhat.com>


Checked in v10.10:

commit 62ebb7025b95164cb8864fc2109165313446860a (HEAD -> v10.10, upstream/v10.10, origin/v10.10)
Author: Alexander Scheel <ascheel@redhat.com>
Date:   Thu Jan 7 11:37:28 2021 -0500

    Fix usage for CMCResponse -d
    
    Signed-off-by: Alexander Scheel <ascheel@redhat.com>
Comment 10 shalini 2021-01-20 08:08:17 UTC 
BZ verified on latests bits from RHCS repo (We did pre-verification from rhcs repo because the bits were not there in development compose and we do not want to delay Verification):
 pki-ca                            noarch  10.10.3-1.module+el8pki+9457+b4dcf7f7         RHEL8.4-CERTSYS    1.0 M
 pki-kra                           noarch  10.10.3-1.module+el8pki+9457+b4dcf7f7         RHEL8.4-CERTSYS    201 k
 pki-server                        noarch  10.10.3-1.module+el8pki+9457+b4dcf7f7


Successful pipeline : https://gitlab.cee.redhat.com/skhandel/pki-pytest-ansible/-/jobs/2776695

Marking the BZ verified-tested
Note You need to log in before you can comment on or make changes to this bug.