Bug 734606 - subscription-manager import appears successful, but does not list --consumed
subscription-manager import appears successful, but does not list --consumed
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: subscription-manager (Show other bugs)
6.2
Unspecified Unspecified
unspecified Severity high
: rc
: ---
Assigned To: Michael Stead
John Sefler
:
Depends On:
Blocks: rhsm-rhel62 743047
  Show dependency treegraph
 
Reported: 2011-08-30 17:43 EDT by John Sefler
Modified: 2011-12-06 12:23 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-12-06 12:23:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description John Sefler 2011-08-30 17:43:50 EDT
Description of problem:
When importing an entitlement cert/key bundle that was exported from rhsm-web, the file can be named anything by the user (e.g. save file as /tmp/entitlement.cert), then after importing the certificate, rhsm splits the file into /etc/pki/entitlement/entitlement.cert and /etc/pki/entitlement/entitlement-key.cert), however the subscription-manager list --consumed is empty.  If I change the name of the imported files to the <hash>.pem and <hash>-key.pem, then the list --consumed works.


Version-Release number of selected component (if applicable):
[root@jsefler-onprem-62server ~]# rpm -q subscription-manager
subscription-manager-0.96.7-1.git.14.c203b16.el6.x86_64


How reproducible:


Steps to Reproduce:

[root@jsefler-onprem-62server ~]# subscription-manager register --username=testuser1 --password=password --org=admin
The system has been registered with id: dc70b10f-c7fb-4258-a162-d8a3ff94073d 
[root@jsefler-onprem-62server ~]# subscription-manager list --avail | grep -A1 ProductId
ProductId:         	management-100           
PoolId:            	8a90f8c6321781e0013217835fd20279
--
[root@jsefler-onprem-62server ~]# subscription-manager subscribe --pool=8a90f8c6321781e0013217835fd20279
Successfully subscribed the system to Pool 8a90f8c6321781e0013217835fd20279
[root@jsefler-onprem-62server ~]# subscription-manager list --consumed
+-------------------------------------------+
    Consumed Product Subscriptions
+-------------------------------------------+


ProductName:        	Management Add-On        
ContractNumber:     	71                       
AccountNumber:      	12331131231              
SerialNumber:       	3567730850023029883      
Active:             	True                     
QuantityUsed:       	1                        
Begins:             	08/28/2011               
Expires:            	08/27/2012               

[root@jsefler-onprem-62server ~]# ls /etc/pki/entitlement/
3567730850023029883-key.pem  3567730850023029883.pem
[root@jsefler-onprem-62server ~]# cd /etc/pki/entitlement/

[root@jsefler-onprem-62server entitlement]# cat 3567730850023029883.pem 3567730850023029883-key.pem > /tmp/entitlement.cert

[root@jsefler-onprem-62server entitlement]# cat 3567730850023029883.pem 3567730850023029883-key.pem > /tmp/entitlement.pem

[root@jsefler-onprem-62server entitlement]# cat 3567730850023029883.pem 3567730850023029883-key.pem > /tmp/3567730850023029883

[root@jsefler-onprem-62server entitlement]# cat 3567730850023029883.pem 3567730850023029883-key.pem > /tmp/3567730850023029883.pem

^^^ GENERATED FOUR IMPORT CASES AND YOU WILL SEE THAT TWO OF THEM WILL FAIL

[root@jsefler-onprem-62server entitlement]# rm /etc/pki/entitlement/*
rm: remove regular file `/etc/pki/entitlement/3567730850023029883-key.pem'? y
rm: remove regular file `/etc/pki/entitlement/3567730850023029883.pem'? y
[root@jsefler-onprem-62server entitlement]# 


[root@jsefler-onprem-62server entitlement]# subscription-manager import --certificate /tmp/entitlement.cert
Successfully imported certificate entitlement.cert
[root@jsefler-onprem-62server entitlement]# ls /etc/pki/entitlement/
entitlement.cert  entitlement-key.cert
[root@jsefler-onprem-62server entitlement]# subscription-manager list --consumed
No Consumed subscription pools to list

^^^ BANG!  THE IMPORT APPEARS SUCCESSFUL AND CORRECTLY SPLITS THE IMPORT FILE, BUT THE LIST --consumed FAILS

LET'S TRY AGAIN...  MAYBE ITS THE FILE EXTENSION THAT IS IMPORTANT?

[root@jsefler-onprem-62server entitlement]# rm -f /etc/pki/entitlement/*
[root@jsefler-onprem-62server entitlement]# subscription-manager import --certificate /tmp/entitlement.pem
Successfully imported certificate entitlement.pem
[root@jsefler-onprem-62server entitlement]# ls /etc/pki/entitlement/
entitlement-key.pem  entitlement.pem
[root@jsefler-onprem-62server entitlement]# subscription-manager list --consumed
No Consumed subscription pools to list
[root@jsefler-onprem-62server entitlement]# 

^^^ BANG! FAILED WITH A .pem EXTENSION TOO

NOW LET"S TRY WITH THIRD CASE...

[root@jsefler-onprem-62server entitlement]# rm -f /etc/pki/entitlement/*
[root@jsefler-onprem-62server entitlement]# subscription-manager import --certificate /tmp/3567730850023029883
Successfully imported certificate 3567730850023029883
[root@jsefler-onprem-62server entitlement]# ls /etc/pki/entitlement/
3567730850023029883  3567730850023029883-key
[root@jsefler-onprem-62server entitlement]# subscription-manager list --consumed
No Consumed subscription pools to list

^^^ BANG! FAILED AGAIN.

NOW LET"S TRY WITH FOURTH CASE...


[root@jsefler-onprem-62server entitlement]# rm -f /etc/pki/entitlement/*
[root@jsefler-onprem-62server entitlement]# subscription-manager import --certificate /tmp/3567730850023029883.pem
Successfully imported certificate 3567730850023029883.pem
[root@jsefler-onprem-62server entitlement]# ls /etc/pki/entitlement/
3567730850023029883-key.pem  3567730850023029883.pem
[root@jsefler-onprem-62server entitlement]# subscription-manager list --consumed
+-------------------------------------------+
    Consumed Product Subscriptions
+-------------------------------------------+


ProductName:        	Management Add-On        
ContractNumber:     	71                       
AccountNumber:      	12331131231              
SerialNumber:       	3567730850023029883      
Active:             	True                     
QuantityUsed:       	1                        
Begins:             	08/28/2011               
Expires:            	08/27/2012      

^^^ NOW IT WORKS.
Comment 1 Michael Stead 2011-09-08 12:07:52 EDT
Fixed in master branch (3236ce3f2561e306886ff80963a4ddb3bbdb6950)

Now checks the serial number of the cert and renames the file in the following formats:

<s/n>.pem
<s/n>-key.pem
Comment 3 John Sefler 2011-09-08 14:03:27 EDT
Verifying Version...
[root@jsefler-onprem-62server ~]# rpm -q subscription-manager
subscription-manager-0.96.9-1.git.4.3236ce3.el6.x86_64


[root@jsefler-onprem-62server ~]# subscription-manager clean
All local data removed
[root@jsefler-onprem-62server ~]# subscription-manager list --consumed
No Consumed subscription pools to list
[root@jsefler-onprem-62server ~]# subscription-manager import --certificate /tmp/importCertificatesDir/myExportedEntitlement.pem
Successfully imported certificate myExportedEntitlement.pem
[root@jsefler-onprem-62server ~]# ls /etc/pki/entitlement/
4249612904057333274-key.pem  4249612904057333274.pem
[root@jsefler-onprem-62server ~]# subscription-manager list --consumed
+-------------------------------------------+
    Consumed Product Subscriptions
+-------------------------------------------+


ProductName:        	Awesome OS for i686/x86_64 Bits
ContractNumber:     	44                       
AccountNumber:      	12331131231              
SerialNumber:       	4249612904057333274      
Active:             	True                     
QuantityUsed:       	1                        
Begins:             	07/29/2011               
Expires:            	09/28/2012               



^^^ VERIFIED THAT AN IMPORT OF A VALID CERTIFICATE BUNDLE THAT WAS RENAMED BY THE USER (myExportedEntitlement.pem) WAS TRUELY IMPORTED SUCCESSFULLY BY SUBSCRIPTION-MANGER. LET'S TRY AGAIN WITH (anotherExportedEntitlement)...


[root@jsefler-onprem-62server ~]# subscription-manager import --certificate /tmp/importCertificatesDir/anotherExportedEntitlement
Successfully imported certificate anotherExportedEntitlement
[root@jsefler-onprem-62server ~]# ls /etc/pki/entitlement/
4249612904057333274-key.pem  4249612904057333274.pem  8122730699557767282-key.pem  8122730699557767282.pem
[root@jsefler-onprem-62server ~]# subscription-manager list --consumed
+-------------------------------------------+
    Consumed Product Subscriptions
+-------------------------------------------+


ProductName:        	Awesome OS for i686/x86_64 Bits
ContractNumber:     	44                       
AccountNumber:      	12331131231              
SerialNumber:       	4249612904057333274      
Active:             	True                     
QuantityUsed:       	1                        
Begins:             	07/29/2011               
Expires:            	09/28/2012               


ProductName:        	Management Bits          
ContractNumber:     	18                       
AccountNumber:      	12331131231              
SerialNumber:       	8122730699557767282      
Active:             	True                     
QuantityUsed:       	1                        
Begins:             	07/29/2011               
Expires:            	09/28/2012               


^^^ VERIFIED THE RENAMED CERTIFICATE WAS TRUELY IMPORTED SUCCESSFULLY BY SUBSCRIPTION-MANGER.

Moving to VERIFIED
Comment 4 errata-xmlrpc 2011-12-06 12:23:48 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1695.html

Note You need to log in before you can comment on or make changes to this bug.