Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 655127 - RHUI 1.2 Updates: Entitlement Certificate Note
Summary: RHUI 1.2 Updates: Entitlement Certificate Note
Alias: None
Product: Red Hat Update Infrastructure for Cloud Providers
Classification: Red Hat
Component: Documentation
Version: 1.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: Lana Brindley
QA Contact: ecs-bugs
Depends On:
Blocks: 649091
TreeView+ depends on / blocked
Reported: 2010-11-19 17:01 UTC by Jay Dobies
Modified: 2013-10-23 23:20 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-12-13 23:18:06 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Jay Dobies 2010-11-19 17:01:06 UTC
I'm not entirely sure where to put this.

When creating entitlement certificates, we allow the customer to select a subset of the overall product entitlements granted to them (this is already in the docs, or at least there's already a bugzilla describing it).

The common use case will be that we give them a certificate that grants access to both RHEL 5 and RHEL 6. That means the RHUI will serve both versions in the yum repos.

However, we don't want clients accessing both at the same time. This is where the drive for the entitlement certificate product selection came from. The customer should make one entitlement certificate for RHEL 5 and a different one for RHEL 6, then making sure to deploy the correct one on the client instances depending on version.

Bad things would happen if they made a client RPM that was configured to download from both RHEL 5 and 6.

So we should probably note that, since it's going to be a common enough scenario that cloud providers find themselves in.

Comment 1 Lana Brindley 2010-11-21 20:28:18 UTC
Added to content spec - Entitlement Certificates.


Comment 2 Lana Brindley 2010-11-22 10:17:34 UTC
		Once you have been granted a certificate, ensure that clients are only able to access one at a time. Only allow client instances to download the certificate they require for their version of the image, and no other certificates.

Revision 0-4.


Comment 4 Lana Brindley 2010-12-12 20:26:38 UTC
Fixed in another BZ.


Comment 5 Lana Brindley 2010-12-13 23:18:06 UTC
Published 14 December 2010: http://docs.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/1.2/html/Installation_Guide/index.html

Please raise any issues as new bugs against this live version.


Note You need to log in before you can comment on or make changes to this bug.