Bug 204959 - Issuer Showing up as Unknown, even though it's showing as Enrolled
Summary: Issuer Showing up as Unknown, even though it's showing as Enrolled
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: esc
Version: 5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Jack Magne
QA Contact:
URL:
Whiteboard: RHEL5.0NACK
Depends On:
Blocks: 202042
TreeView+ depends on / blocked
 
Reported: 2006-09-01 18:56 UTC by Suzanne Hillman
Modified: 2007-11-30 22:07 UTC (History)
2 users (show)

Fixed In Version: RHBA-2007-0634
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-11-07 16:57:47 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Shows the unknown Issuer at the same time as the ENROLLED state (1002.27 KB, image/png)
2006-09-01 18:56 UTC, Suzanne Hillman 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2007:0634 0 normal SHIPPED_LIVE esc bug fix update 2007-10-30 22:43:54 UTC

Description Suzanne Hillman 2006-09-01 18:56:29 UTC 
Description of problem:
Issuer Showing up as Unknown, even though it's showing as Enrolled. It showed as
Verocity Inc when I formatted and enrolled it, but it apparently didn't keep it.
See screenshot.

Version-Release number of selected component (if applicable):
esc-1.0.0-8.fc6
pam_pkcs11-0.5.3-14
coolkey-1.0.1-3
Comment 1 Suzanne Hillman 2006-09-01 18:56:29 UTC 
Created attachment 135404 [details]
Shows the unknown Issuer at the same time as the ENROLLED state
Comment 2 Jack Magne 2006-09-17 01:42:03 UTC 
Here is one scenario where this could happen.

1. TPS was down.
2. ESC maybe had not seen this key before.
3. ESC tried to phone home and get the information and failed.
Comment 3 Bob Lord 2006-09-21 18:26:43 UTC 
Can you still reproduce this bug?
Comment 4 Suzanne Hillman 2006-09-21 18:34:28 UTC 
Yeah. I had that happening again before I reformatted and enrolled again, this
morning. (with the 0920 tree bits)
Comment 5 RHEL Program Management 2006-11-20 21:59:33 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.
Comment 6 Chandrasekar Kannan 2006-11-21 14:32:01 UTC 
per SSO bug council on 11/17, we will target this for rhel 5.0 release
candidates. this is not a blocker.
Comment 7 Benjamin Kahn 2007-01-04 19:59:08 UTC 
This bug was proposed for RHEL 5, but wasn't resolved in time.
    I am proposing this issue to RHEL 5.1.
Comment 8 Chandrasekar Kannan 2007-03-20 04:45:11 UTC 
per the last bug meeting, we decided this would be fixed in the rhel 5.1 release. 
qa_ack+
Comment 9 Bob Lord 2007-03-28 17:21:49 UTC 
This bug was proposed for RHEL 5, but wasn't resolved in time.
    devel_ack+ for RHEL 5.1.
Comment 10 Jack Magne 2007-04-13 18:53:18 UTC 
Locally ESC will now try to get the issuer from the certificates in an
unenrolled token if it can not find the information through phone home.
Comment 11 Jack Magne 2007-04-20 01:01:59 UTC 
Fixed in build esc-1.0.0-22.el5. 
ESC will now get this value from it's phone home data OR from its certificates.
Comment 13 Jack Magne 2007-06-07 20:38:06 UTC 
You may be able to reproduce this with the old ESC by:

1. Stop ESC.
2. Remove your profile in ~/.redhat/esc
3. Temporarily disable your network link.
4. Start ESC.
5. Put in an enrolled token.

The new ESC should fix this case since it can now gather the issuer info from
certificate info inside the token.

thanks,
jack
Comment 16 Chandrasekar Kannan 2007-08-23 22:04:28 UTC 
Verified on x86_64. rhel5u1-snapshot#2.
Comment 18 errata-xmlrpc 2007-11-07 16:57:47 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0634.html
Note You need to log in before you can comment on or make changes to this bug.