Hide Forgot
Description of problem: running pulp-admin auth login will generate a permissions issue with custom ssl crt. Version-Release number of selected component (if applicable): 0.0.173-1.el6 How reproducible: Steps to Reproduce: 1. create custom crt and key for mod_ssl 2. configure and restart httpd 3. try to login with pulp-admin Actual results: error: operation failed: unable to write 'random state' Expected results: successful login Additional info: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/pulp/server/webservices/controllers/base.py", line 52, in report_error return method(self, *args, **kwargs) File "/usr/lib/python2.6/site-packages/pulp/server/webservices/controllers/base.py", line 131, in _auth_decorator value = method(self, *args, **kwargs) File "/usr/lib/python2.6/site-packages/pulp/server/webservices/controllers/users.py", line 134, in GET private_key, cert = auth_api.admin_certificate() File "/usr/lib/python2.6/site-packages/pulp/server/auditing.py", line 207, in _audit result = method(*args, **kwargs) File "/usr/lib/python2.6/site-packages/pulp/server/api/auth.py", line 41, in admin_certificate private_key, cert = cert_generator.make_admin_user_cert(user) File "/usr/lib/python2.6/site-packages/pulp/server/auth/cert_generator.py", line 87, in make_admin_user_cert return make_cert(encode_admin_user(user)) File "/usr/lib/python2.6/site-packages/pulp/server/auth/cert_generator.py", line 132, in make_cert raise Exception("error signing cert request: %s" % output) Exception: error signing cert request: Signature ok subject=/CN=admin:admin:9b48fdb1-86c0-4ad9-ab61-57f3ece76452 Error opening CA Certificate /etc/pki/tls/certs/foo.domain.com.crt 139850927331144:error:0200100D:system library:fopen:Permission denied:bss_file.c:355:fopen('/etc/pki/tls/certs/foo.domain.com.crt','r') 139850927331144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:357: unable to load certificate
- I reported this behavior on irc - but I had mixed up the paths for the CA certs with the host certificates. This makes the bug invalid.