442103 – rhds8.0 "manage certificates" and ssl in console java.lang.NullPointerException

Bug 442103 - rhds8.0 "manage certificates" and ssl in console java.lang.NullPointerException

Summary: rhds8.0 "manage certificates" and ssl in console java.lang.NullPointerException

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Directory Server
Classification:	Red Hat
Component:	Directory Console
Sub Component:
Version:	8.0
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Rich Megginson
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	430499 (view as bug list)
Depends On:
Blocks:	249650 FDS112
TreeView+	depends on / blocked

Reported:	2008-04-11 18:41 UTC by Issue Tracker
Modified:	2018-10-19 22:10 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-08-27 20:38:44 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
diffs (30.50 KB, patch) 2008-07-14 16:57 UTC, Rich Megginson	no flags	Details \| Diff
admin server diffs (30.99 KB, patch) 2008-07-14 17:29 UTC, Rich Megginson	no flags	Details \| Diff
cvs commit log (2.27 KB, text/plain) 2008-07-14 20:00 UTC, Rich Megginson	no flags	Details
cvs commit log for 8.0 branch (2.33 KB, text/plain) 2008-07-14 20:16 UTC, Rich Megginson	no flags	Details
Show Obsolete (1) View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2008:0602	0	normal	SHIPPED_LIVE	Moderate: redhat-ds-base and redhat-ds-admin security and bug fix update	2008-08-27 20:38:30 UTC

Comment 8 Rich Megginson 2008-07-14 16:57:24 UTC

Created attachment 311733 [details]
diffs

Comment 9 Rich Megginson 2008-07-14 17:29:57 UTC

Created attachment 311739 [details]
admin server diffs

Comment 10 Rich Megginson 2008-07-14 17:30:49 UTC

Comment on attachment 311739 [details]
admin server diffs

wrong diffs - please ignore

Comment 11 Rich Megginson 2008-07-14 20:00:42 UTC

Created attachment 311765 [details]
cvs commit log

Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: I changed security to get the security file directory for the
directory server from cn=config from that directory server.  Unfortunately, I
didn't take into consideration that the CGI might have to use LDAPS to connect.
 If you have checked the Use SSL for Console button in the console when
configuring that directory server for SSL, the CGIs will attempt to use LDAPS. 
In this case, there were several problems:
1) NSS was not initialized - need to use the admin server key/cert db to talk
LDAPS to the directory server
2) When I did do the NSS init, it failed because the admin server key/cert db
did not exist, and the directory was not writable.
3) I needed to shutdown NSS so that the key/cert db for the directory server
itself could be opened in order to get its contents
The consequences of this are that now, when you attempt to use NSS for the
first time, if the key/cert databases do not exist, they will be created empty.
 If the user sets up the directory server for SSL, and tells the console to use
SSL with this directory server, the user will have to install the CA
certificate in the admin server key/cert db, so that the console and admin CGIs
can talk to that directory server using LDAPS.
I changed all of the admin server CGIs to properly initialize NSS in case they
too needed to speak LDAPS for some reason.  I also cleaned up several compiler
warnings in the admin server CGIs.
I believe this is also the same problem as
https://bugzilla.redhat.com/show_bug.cgi?id=430499
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
QA impact: Will need to test various console interactions with SSL with admin
server and directory server.
New Tests integrated into TET: none

Comment 20 errata-xmlrpc 2008-08-27 20:38:44 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2008-0602.html

Comment 22 Rich Megginson 2008-09-16 20:57:54 UTC

*** Bug 430499 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.