Hide Forgot
Description of problem: Man pages of CMCResponse says: -d <path> Path of directory to the NSS database. This option is required. But without specifying "-d" in cli , it shows the cert.So i think "-d" can be treated as optional. # CMCResponse -i cmc.sys_subca_pkcs10.resp Certificates: Certificate: Data: Version: v3 Serial Number: 0x5D0C698 Signature Algorithm: SHA384withEC - 1.2.840.10045.4.3.3 Issuer: CN=CA Signing Certificate,OU=gkapoor_RHCS75_update2_ecc,O=Example-rhcs92-CA-ecc Validity: Not Before: Friday, May 25, 2018 6:33:27 AM EDT America/New_York Not After: Tuesday, May 25, 2038 6:33:27 AM EDT America/New_York Subject: CN=CA Signing Certificate,OU=gkapoor_RHCS75_update2_ecc,O=Example-rhcs92-CA-ecc Subject Public Key Info: Algorithm: EC - 1.2.840.10045.2.1 Not sure if we want -d as mandatory or optional. If we want it as optional, need to change man pages else code change will be needed. Version-Release number of selected component (if applicable): 10.5 update 2 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Moved to RHEL 7.7.
Pull request upstream: https://github.com/dogtagpki/pki/pull/3423
Checked in master: commit 28a262c6c6b87b4111ff6c051ff6c5a4bf735b7f (upstream/master, origin/master, origin/HEAD, master) Author: Alexander Scheel <ascheel@redhat.com> Date: Thu Jan 7 11:37:28 2021 -0500 Fix usage for CMCResponse -d Signed-off-by: Alexander Scheel <ascheel@redhat.com> Checked in v10.10: commit 62ebb7025b95164cb8864fc2109165313446860a (HEAD -> v10.10, upstream/v10.10, origin/v10.10) Author: Alexander Scheel <ascheel@redhat.com> Date: Thu Jan 7 11:37:28 2021 -0500 Fix usage for CMCResponse -d Signed-off-by: Alexander Scheel <ascheel@redhat.com>
BZ verified on latests bits from RHCS repo (We did pre-verification from rhcs repo because the bits were not there in development compose and we do not want to delay Verification): pki-ca noarch 10.10.3-1.module+el8pki+9457+b4dcf7f7 RHEL8.4-CERTSYS 1.0 M pki-kra noarch 10.10.3-1.module+el8pki+9457+b4dcf7f7 RHEL8.4-CERTSYS 201 k pki-server noarch 10.10.3-1.module+el8pki+9457+b4dcf7f7 Successful pipeline : https://gitlab.cee.redhat.com/skhandel/pki-pytest-ansible/-/jobs/2776695 Marking the BZ verified-tested
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1775