1879199 – ovirt-engine-extension-aaa-ldap-setup fails on cert import

Bug 1879199 - ovirt-engine-extension-aaa-ldap-setup fails on cert import

Summary: ovirt-engine-extension-aaa-ldap-setup fails on cert import

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-extension-aaa-ldap
Sub Component:
Version:	4.4.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	ovirt-4.4.3
Target Release:	---
Assignee:	Martin Perina
QA Contact:	Petr Matyáš
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-09-15 16:18 UTC by Anitha Udgiri
Modified:	2024-03-25 16:29 UTC (History)
CC List:	8 users (show)
Fixed In Version:	ovirt-engine-extension-aaa-ldap-1.4.2
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-11-24 13:10:05 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:
Flags:	pmatyas: testing_plan_complete+

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	5434011	None	None	None	2020-09-24 20:56:54 UTC
Red Hat Product Errata	RHSA-2020:5179	None	None	None	2020-11-24 13:10:26 UTC
oVirt gerrit	111550	None	MERGED	aaa: Open temporary files with the correct mode	2021-02-04 08:36:29 UTC

Description Anitha Udgiri 2020-09-15 16:18:26 UTC

Description of problem:

 ovirt-engine-extension-aaa-ldap-setup results in the following error when using a CA certificate during setup

[ ERROR ] Failed to execute stage 'Environment customization': a bytes-like object is required, not 'str'

Version-Release number of selected component (if applicable):

rhvm-4.4.1.10-0.1.el8ev.noarch
ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.noarch
ovirt-engine-extension-aaa-ldap-setup-1.4.0-1.el8ev.noarch 

How reproducible:

Always


Actual results:

[ ERROR ] Failed to execute stage 'Environment customization': a bytes-like object is required, not 'str'

Expected results:

Should succeed in converting the .pem file to a jks file

Comment 2 Martin Perina 2020-09-15 19:01:29 UTC

The easiest workaround is to use Insecure option, where we are not importing CA certificate.

Comment 3 Anitha Udgiri 2020-09-15 19:07:00 UTC

(In reply to Martin Perina from comment #2)
> The easiest workaround is to use Insecure option, where we are not importing
> CA certificate.

Thanks Martin. This is what we have recommended one of the Customers to do. the other 2 are new cases and we will do provide them with the same workaround until the bug is patched.

Comment 12 Petr Matyáš 2020-11-09 12:27:46 UTC

Verified with ovirt-engine-extension-aaa-ldap-1.4.2-1.el8ev.noarch

Comment 16 errata-xmlrpc 2020-11-24 13:10:05 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: Red Hat Virtualization security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5179

Note You need to log in before you can comment on or make changes to this bug.