Bug 806958 - One empty certificate file in /etc/rhsm/ca causes registration failure
One empty certificate file in /etc/rhsm/ca causes registration failure
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: python-rhsm (Show other bugs)
5.7
Unspecified Unspecified
unspecified Severity low
: rc
: ---
Assigned To: Alex Wood
Entitlement Bugs
:
Depends On:
Blocks: 771748
  Show dependency treegraph
 
Reported: 2012-03-26 11:31 EDT by Jeff Weiss
Modified: 2014-11-09 17:52 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: An unimplemented method in an error class. Consequence: A traceback was being printed to the console obscuring an actual error message. Fix: Implementing the missing method on the error class. Result: The error message is now reported successfully.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-01-08 02:17:03 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeff Weiss 2012-03-26 11:31:51 EDT
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. touch /etc/rhsm/ca/myemptycert.pem 
2. subscription-manager register 
3. rm -f /etc/rhsm/ca/myemptycert.pem
4. subscription-manager register
  
Actual results:
BadCertificateException instance has no attribute 'args' on step 2, 
success on step 4

Expected results:
Successful registration with or without one bad cert

Additional info:
Comment 1 RHEL Product and Program Management 2012-04-02 06:50:15 EDT
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 2 Alex Wood 2012-05-18 15:21:11 EDT
To reproduce this error, make sure that 

insecure = 0

in /etc/rhsm/rhsm.conf.  Otherwise the request method won't even look at the CA certificates.
Comment 3 Alex Wood 2012-05-22 14:59:12 EDT
commit e08b0ec3062ba0a40b35c2b6eb961eec8b420eab
Author: Alex Wood <awood@redhat.com>
Date:   Fri May 18 15:59:31 2012 -0400

    806958: BadCertificateException not displaying properly.
    
    The __str__ function added to BadCertificateException does not need
    to be internationalized since this message should only appear in
    the logs.
Comment 5 RHEL Product and Program Management 2012-06-11 21:00:45 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 6 RHEL Product and Program Management 2012-06-19 13:28:36 EDT
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 7 J.C. Molet 2012-06-19 16:07:57 EDT
Version:
python-rhsm-1.0.2-1.git.1.4659671.el5
subscription-manager-1.0.4-1.git.3.1768f90.el5


[root@jmolet-vm0 rhsm]# touch /etc/rhsm/ca/myemptycert.pem
[root@jmolet-vm0 rhsm]# cat rhsm.conf | grep insecure
insecure=0
[root@jmolet-vm0 rhsm]# subscription-manager register
Username: testuser1
Password: 
Bad CA certificate: /etc/rhsm/ca/myemptycert.pem

^^^ 

[root@jmolet-vm0 rhsm]# subscription-manager identity
This system is not yet registered. Try 'subscription-manager register --help' for more information.


This appears to print out a nicer error and not stack trace and then fails gracefully.

marking VERIFIED.
Comment 9 errata-xmlrpc 2013-01-08 02:17:03 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0039.html

Note You need to log in before you can comment on or make changes to this bug.