Description of problem: Using appliance_console_cli to set SSL Certs does not overwrite the existing server.cer and server.cer.key Version-Release number of selected component (if applicable): cfme-5.9.7.2-1.el7cf.x86_64 How reproducible: always Steps to Reproduce: (Requires an IDM server to be setup and configured) 1. Configure an appliance as normal so evmserverd processes start appliance_console_cli \ --region=1 \ --internal \ --username=root \ --password=redhat \ --key \ --dbdisk=/dev/vdb 2. Use appliance_console_cli to join the appliance to an IPA domain appliance_console_cli \ --ipaserver=idm.example.com \ --ipaprincipal=admin \ --ipapassword=redhat 3. Use appliance_console_cli to setup SSL Certs appliance_console_cli \ --ca=ipa \ --http-cert Actual results: The certificate is created in IPA, but the /var/www/miq/vmdb/certs/server.cer and server.cer.key are not overwritten. The root.crt file is created. Expected results: The server.cer and server.cer.key files are the SSL certificate from IPA and not the self-signed certs. Additional info: I was able to work around this issue by removing/renaming the /var/www/miq/vmdb/server.cer and server.cer.key prior to running the command in step 3 above.
https://github.com/ManageIQ/manageiq-appliance_console/pull/83
New commit detected on ManageIQ/manageiq-appliance_console/master: https://github.com/ManageIQ/manageiq-appliance_console/commit/6188f0550209f9b03d15b63793818e137068c4ce commit 6188f0550209f9b03d15b63793818e137068c4ce Author: Joe VLcek <jvlcek> AuthorDate: Fri Mar 1 14:34:24 2019 -0500 Commit: Joe VLcek <jvlcek> CommitDate: Fri Mar 1 14:34:24 2019 -0500 Handle existing certs and support rerun of cert generation Will address: https://bugzilla.redhat.com/show_bug.cgi?id=1670138 lib/manageiq/appliance_console/certificate.rb | 22 +- spec/certificate_authority_spec.rb | 6 +- spec/certificate_spec.rb | 27 +- 3 files changed, 46 insertions(+), 9 deletions(-)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:4199
Hello Satoe Imaishi, I think it is major issue still present on 5.10.X. Is it possible to clone this issue to 5.10.X, because I am still facing this issue on 5.10.X ?