Hide Forgot
Section 4.1 needs to be updated about the rhui-manager first launch. After the user responds to the prompt about entering the full path to the CA key there is a new prompt that prompts the user for how many days the identity certificate should be valid for. The default value is 3650 days, roughly 10 years. In the example text from the rhui-manager first launch, replace the following: ############################################################################# A RHUI identity certificate is required to use RHUI Tools but was not found. A new identity certificate will be generated now using the CA certificate found at /etc/pki/rhui/entitlement-ca.crt. ......................................+++ ........................+++ ############################################################################# with: ############################################################################# A RHUI identity certificate is required to use RHUI Tools but was not found. A new identity certificate will be generated now using the CA certificate found at /root/ca-openshift.crt. Enter the number of days the RHUI identity certificate will be valid. If the identity certificate ever expires, it will need to be regenerated using rhui-manager [Default: 3650]: ......................................+++ ........................+++ ############################################################################# The user can use whatever value they want, but if the certificate ever expires, it will need to be regenerated. We may also want to add a note that the identity certificate is used for authenticating the CDS to the RHUA and securing the communication between the two.
set tracker bug. 746803
<para> You will also be asked to enter the number of days that the identity certificate is valid for. The system will default to 3650 days (ten years). Once an identity certificate has expired, it will need to be regenerated. This procedure is detailed in <xref linkend="regenidcert" />. </para> Also updated the example as indicated. Please verify on stage. Revision 2-13 LKB
Verified at stage at following link: http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/2.0/html/Installation_Guide/chap-Installation_Guide-RHUI_Manager.html#sect-Installation_Guide-RHUI_Manager-RHUI_Manager_First_Launch under 4.1. RHUI Manager First Launch ==> step2 However in example 4.1 text, please add this statement: >> Generating entitlement certificate serial number database file >> /etc/pki/rhui/entitlement-ca.srl exactly above the following: >> A RHUI identity certificate is required to use RHUI Tools but was not found. >> A new identity certificate will be generated now using the CA certificate >> found at /etc/pki/rhui/entitlement-ca.crt.
Example screen should be like: # rhui-manager An entitlement signing CA certificate is required to use RHUI Tools but was not found. Full path to the new signing CA certificate: /root/certs/ca.crt Full path to the new signing CA certificate private key: /root/certs/ca.key Generating entitlement certificate serial number database file /etc/pki/rhui/entitlement-ca.srl A RHUI identity certificate is required to use RHUI Tools but was not found. A new identity certificate will be generated now using the CA certificate found at /etc/pki/rhui/entitlement-ca.crt. Enter the number of days the RHUI identity certificate will be valid. If the identity certificate ever expires, it will need to be regenerated using rhui-manager [Default: 3650]: ........+++ ....+++ Previous authentication credentials could not be found. Logging into the RHUI. If this is the first time using the RHUI, it is recommended to change the user's password in the User Management section of RHUI Tools. RHUI Username: admin RHUI Password:
(In reply to comment #5) > Example screen should be like: > > # rhui-manager > An entitlement signing CA certificate is required to use RHUI Tools > but was not found. > > Full path to the new signing CA certificate: > /root/certs/ca.crt > > Full path to the new signing CA certificate private key: > /root/certs/ca.key > > Generating entitlement certificate serial number database file > /etc/pki/rhui/entitlement-ca.srl > A RHUI identity certificate is required to use RHUI Tools but was not found. > A new identity certificate will be generated now using the CA certificate > found at /etc/pki/rhui/entitlement-ca.crt. > > Enter the number of days the RHUI identity certificate will be valid. > If the identity certificate ever expires, it will need to be > regenerated using rhui-manager [Default: 3650]: > ........+++ > ....+++ > Previous authentication credentials could not be found. Logging into > the RHUI. > > If this is the first time using the RHUI, it is recommended to change > the user's password in the User Management section of RHUI Tools. > > RHUI Username: admin > RHUI Password: Done. Revision 2-14 LKB
Verified at stage with : http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/2.0/html/Installation_Guide/chap-Installation_Guide-RHUI_Manager.html#sect-Installation_Guide-RHUI_Manager-RHUI_Manager_First_Launch Now example 4.1 is updated as per comment6.