811624 – RHUA Manager does not capture invalid client CA pass phrase

Bug 811624 - RHUA Manager does not capture invalid client CA pass phrase

Summary: RHUA Manager does not capture invalid client CA pass phrase

Keywords:
Status:	CLOSED DUPLICATE of bug 809064
Alias:	None
Product:	Red Hat Update Infrastructure for Cloud Providers
Classification:	Red Hat
Component:	RHUA
Sub Component:
Version:	2.1
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	James Slagle
QA Contact:	wes hayutin
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-04-11 14:59 UTC by Matthew Mariani
Modified:	2012-04-17 19:28 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-04-17 19:28:19 UTC
Target Upstream Version:

Attachments	(Terms of Use)
RHUI Log showing unable to load client CA Private Key (8.36 KB, text/plain) 2012-04-11 14:59 UTC, Matthew Mariani	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Matthew Mariani 2012-04-11 14:59:53 UTC

Created attachment 576804 [details]
RHUI Log showing unable to load client CA Private Key

Description of problem:
When creating the RHUI identity cert,
The wrong client certificate pass phrase was used; however, rhui-manager reports successfully regenerated RHUI identity certificate, when it fact it does not.  

Version-Release number of selected component (if applicable):
RHUI 2.0.2

How reproducible:
When creating the RHUI identity cert, enter the wrong passphrase. 

Steps to Reproduce:
1.  Generate a new RHUI identity cert
2.  Enter an invalid client CA passphrase
Enter the number of days the RHUI identity certificate will be valid. 
If the identity certificate ever expires, it will need to be
regenerated using rhui-manager [Default: 3650]:    
....+++
..........................................................................+++
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:  
Successfully regenerated RHUI Identity certificate 
3.  Look in rhui.log for error message (unable to load CA Private Key): (see attachment)
Private key creation output
Exit Code: 0

writing RSA key

Command [openssl x509 -req -days 3650 -in /tmp/rhui-id-Ak1Nbw/identity.csr -CA /etc/pki/rhui/entitlement-ca.crt -CAkey /etc/pki/rhui/entitlement-ca-key.pem -out /tmp/rhui-id-Ak1Nbw/identity.crt -extfile /tmp/rhui-id-Ak1Nbw/identity-extensions.txt -extensions rhui]
Certificate creation output

Signature ok
subject=/CN=Red Hat Update Infrastructure
Getting CA Private Key
unable to load CA Private Key



Actual results:
Enter the number of days the RHUI identity certificate will be valid. 
If the identity certificate ever expires, it will need to be
regenerated using rhui-manager [Default: 3650]:    
....+++
..........................................................................+++
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:    
Successfully regenerated RHUI Identity certificate 


Expected results:
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:    
Invalid pass phrase or entitlement CA!!! Please try again
Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:

Additional info:

Comment 1 Matthew Mariani 2012-04-11 15:06:46 UTC

CORRECTION: 
Description of problem/How reproducible:
Should be When creating the 'RHUI repositories', not 'identity certs'

Reference:
Support Case 00619715 - RHUA Repository Creation Fail - RESOLVED

Comment 2 James Slagle 2012-04-17 19:28:19 UTC


*** This bug has been marked as a duplicate of bug 809064 ***

Note You need to log in before you can comment on or make changes to this bug.