Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 640463

Summary: some of the Order Namespace entitlement values are missing from the generated entitlement product certs
Product: [Community] Candlepin (Migrated to Jira) Reporter: John Sefler <jsefler>
Component: candlepinAssignee: Bryan Kearney <bkearney>
Status: CLOSED CURRENTRELEASE QA Contact: John Sefler <jsefler>
Severity: medium Docs Contact:
Priority: low    
Version: 0.5CC: morazi, msechres, whayutin
Target Milestone: ---Keywords: QA-Closed
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-02-23 21:51:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 639436    

Description John Sefler 2010-10-05 21:19:36 UTC 
Description of problem:

The following is cut from the doc https://docspace.corp.redhat.com/docs/DOC-30244 which describes the OID structure for the Order Namespace within the entitlement certificates:
1.3.6.1.4.1.2312.9.4 (Order Namespace)
  1.3.6.1.4.1.2312.9.4.1 (Name): Red Hat Enterprise Linux Server
  1.3.6.1.4.1.2312.9.4.2 (Order Number) : 12345
  1.3.6.1.4.1.2312.9.4.3 (SKU) : MCT0982
  1.3.6.1.4.1.2312.9.4.4 (Subscription Number) : abcd-ef12-1234-5678
  1.3.6.1.4.1.2312.9.4.5 (Quantity) : 100
  1.3.6.1.4.1.2312.9.4.6 (Entitlement Start Date) : 1/1/2010
  1.3.6.1.4.1.2312.9.4.7 (Entitlement End Date) : 12/31/2011
  1.3.6.1.4.1.2312.9.4.8 (Subtype) : Supplementary
  1.3.6.1.4.1.2312.9.4.9 (Virtualization Limit) : 4
  1.3.6.1.4.1.2312.9.4.10 (Socket Limit) : None
  1.3.6.1.4.1.2312.9.4.11 (Product Option Code) : 98
  1.3.6.1.4.1.2312.9.4.12 (Contract Number): 152341643
  1.3.6.1.4.1.2312.9.4.13 (Quantity Used): 4
  1.3.6.1.4.1.2312.9.4.14 (Warning Period): 30

Taking a closer look at an example entitlement cert served by candlepin, the following values are missing.
  1.3.6.1.4.1.2312.9.4.3 (SKU) : MCT0982
  1.3.6.1.4.1.2312.9.4.4 (Subscription Number) : abcd-ef12-1234-5678
  1.3.6.1.4.1.2312.9.4.8 (Subtype) : Supplementary
  1.3.6.1.4.1.2312.9.4.9 (Virtualization Limit) : 4
  1.3.6.1.4.1.2312.9.4.10 (Socket Limit) : None
  1.3.6.1.4.1.2312.9.4.11 (Product Option Code) : 98


[root@jsefler-rhel6-client01 ~]# subscription-manager-cli list --available | grep PoolId
PoolId:            	ff8080812b7b6b08012b7b6c0b9a00ca
[root@jsefler-rhel6-client01 ~]# subscription-manager-cli subscribe --pool=ff8080812b7b6b08012b7b6c0b9a00ca
[root@jsefler-rhel6-client01 ~]# openssl x509 -noout -text -in /etc/pki/entitlement/product/1128631322859633.pem  | grep -A1 1.3.6.1.4.1.2312.9.4
            1.3.6.1.4.1.2312.9.4.1: 
                ..MKT-rhel-server
            1.3.6.1.4.1.2312.9.4.2: 
                . ff8080812b7b6b08012b7b6b95100052
            1.3.6.1.4.1.2312.9.4.5: 
                ..10
            1.3.6.1.4.1.2312.9.4.6: 
                ..2010-10-05T00:00:00Z
            1.3.6.1.4.1.2312.9.4.7: 
                ..2011-10-05T00:00:00Z
            1.3.6.1.4.1.2312.9.4.14: 
                ..0
            1.3.6.1.4.1.2312.9.4.12: 
                ..0
            1.3.6.1.4.1.2312.9.4.13: 
                ..1


I'm not sure if these missing values are a big deal, however they are missing.
Comment 1 Bryan Kearney 2010-10-06 16:39:27 UTC 
Mark:

Please confirm

  1.3.6.1.4.1.2312.9.4.3 (SKU) : MCT0982
Should be there.

  1.3.6.1.4.1.2312.9.4.4 (Subscription Number) : abcd-ef12-1234-5678
Optional, should exist only if created by a reg number.

  1.3.6.1.4.1.2312.9.4.8 (Subtype) : Supplementary
Obsolete, should be removed.

  1.3.6.1.4.1.2312.9.4.9 (Virtualization Limit) : 4
  1.3.6.1.4.1.2312.9.4.10 (Socket Limit) : None
  1.3.6.1.4.1.2312.9.4.11 (Product Option Code) : 98
Obsolete, should be removed.
Comment 2 Mark Sechrest 2010-10-06 17:50:42 UTC 
Subtype and option code likely need to stay for legacy skus. Otherwise I agree with bk's comment.
Comment 3 Mark Sechrest 2010-10-06 19:56:32 UTC 
Subtype and option code likely need to stay for legacy skus. Otherwise I agree with bk's comment.
Comment 4 Bryan Kearney 2010-10-06 20:09:04 UTC 
Mark chatted with Amanda, and the following should occur:

  1.3.6.1.4.1.2312.9.4.3 (SKU) : MCT0982
Should be there.

  1.3.6.1.4.1.2312.9.4.4 (Subscription Number) : abcd-ef12-1234-5678
Optional, should exist only if created by a reg number.

  1.3.6.1.4.1.2312.9.4.8 (Subtype) : Supplementary
Obsolete, should be removed. Move all others up. Update doco.

  1.3.6.1.4.1.2312.9.4.9 (Virtualization Limit) : 4
  1.3.6.1.4.1.2312.9.4.10 (Socket Limit) : None
  1.3.6.1.4.1.2312.9.4.11 (Product Option Code) : 98
Obsolete, should be removed. Update doco.
Comment 5 Bryan Kearney 2010-10-22 15:36:28 UTC 
fixed in 

candlepin: 8ae14219f94dc78330b0ac5e5e2cefbbd19e2ab4
subscription-manager: 92fa0cc8f6a94510e86d07a4bd1b268742a7439c
Comment 6 John Sefler 2010-12-07 22:16:29 UTC 
FROM DOC https://docspace.corp.redhat.com/docs/DOC-30244
1.3.6.1.4.1.2312.9.4 (Order Namespace)
  1.3.6.1.4.1.2312.9.4.1 (Name): Red Hat Enterprise Linux Server
  1.3.6.1.4.1.2312.9.4.2 (Order Number) : 12345
  1.3.6.1.4.1.2312.9.4.3 (SKU) : MCT0982
  1.3.6.1.4.1.2312.9.4.4 (Subscription Number) : abcd-ef12-1234-5678
  1.3.6.1.4.1.2312.9.4.5 (Quantity) : 100
  1.3.6.1.4.1.2312.9.4.6 (Entitlement Start Date) : 1/1/2010
  1.3.6.1.4.1.2312.9.4.7 (Entitlement End Date) : 12/31/2011
  1.3.6.1.4.1.2312.9.4.8 (Virtualization Limit) : 4
  1.3.6.1.4.1.2312.9.4.9 (Socket Limit) : None
  1.3.6.1.4.1.2312.9.4.10 (Contract Number): 152341643
  1.3.6.1.4.1.2312.9.4.11 (Quantity Used): 4
  1.3.6.1.4.1.2312.9.4.12 (Warning Period): 30
  1.3.6.1.4.1.2312.9.4.13 (Account Number): 9876543210
  1.3.6.1.4.1.2312.9.4.14 (Provides Management): 0 (boolean, 1 for true)

[root@jsefler-onprem02 ~]# openssl x509 -noout -text -in /etc/pki/entitlement/11291757215456231.pem | grep -A1 1.3.6.1.4.1.2312.9.4
            1.3.6.1.4.1.2312.9.4.1: 
                ..RHEL Workstation
            1.3.6.1.4.1.2312.9.4.2: 
                . ff8080812cc27e10012cc27e9037008c
            1.3.6.1.4.1.2312.9.4.3: 
                ..MKT-rhel-workstation-mkt
            1.3.6.1.4.1.2312.9.4.5: 
                ..10
            1.3.6.1.4.1.2312.9.4.6: 
                ..2010-12-07T00:00:00Z
            1.3.6.1.4.1.2312.9.4.7: 
                ..2011-12-07T00:00:00Z
            1.3.6.1.4.1.2312.9.4.12: 
                ..30
            1.3.6.1.4.1.2312.9.4.10: 
                ..34
            1.3.6.1.4.1.2312.9.4.13: 
                ..12331131231
            1.3.6.1.4.1.2312.9.4.14: 
                ..0
            1.3.6.1.4.1.2312.9.4.11: 
                ..1

The oid positions in the generated entitlements are now in agreement with the doc.
The 8(Virtualization Limit) and 9(Socket Limit) appear to be as needed by the subscription
The 4(Subscription Number) is missing in this example because the entitlement was not generated as a result of registering with a regtoken.

MOVING TO VERIFIED