Bug 848742 - Certification file name is incorrect when doing auto-subscribe on RHEL 5.9 client/server i386
Summary: Certification file name is incorrect when doing auto-subscribe on RHEL 5.9 cl...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: python-rhsm
Version: 5.9
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: beta
: ---
Assignee: candlepin-bugs
QA Contact: Entitlement Bugs
URL:
Whiteboard:
Depends On:
Blocks: 771748
TreeView+ depends on / blocked
 
Reported: 2012-08-16 10:40 UTC by gaoshang
Modified: 2013-01-10 11:03 UTC (History)
7 users (show)

Fixed In Version: python-rhsm-1.0.6-1.el5
Doc Type: Bug Fix
Doc Text:
Cause: Arbitrary bit length certificate serial numbers were not supported. Consequence: Certificates could be created with incorrect file names. Fix: Support arbitrary length certificate serial numbers. Result: Certificates are created with the correct file name.
Clone Of:
Environment:
Last Closed: 2013-01-08 07:17:28 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
cert file (46.51 KB, application/x-x509-ca-cert)
2012-08-23 02:57 UTC, gaoshang 		no flags Details
cert file 2 (1.39 KB, application/x-gzip)
2012-08-23 03:14 UTC, gaoshang 		no flags Details
cert files (11.18 KB, application/x-gzip)
2012-08-23 03:18 UTC, gaoshang 		no flags Details
Show Obsolete (2) View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:0039 0 normal SHIPPED_LIVE python-rhsm bug fix update 2013-01-07 15:28:26 UTC

Comment 1 RHEL Program Management 2012-08-16 11:57:13 UTC 
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 2 gaoshang 2012-08-17 05:53:59 UTC 
I have also checked against the RHEL 5.9 Server with the same build, but the issue dose NOT happen.
Comment 3 gaoshang 2012-08-17 09:45:46 UTC 
I have double-checked this issue again and find this bug also can just be reproduced on RHEL 5.9 Server i386 and RHEL 5.9 Client i386, but it does NOT happen to RHEL 5.9 Server x86_64 and RHEL 5.9 Client x86_64, so I doubt it is related to arch and it's a i386 special issue.
Comment 4 Adrian Likins 2012-08-22 14:13:48 UTC 
Are the certs that got written as the -1-key.pem/-1-cert.pem available?
Comment 5 gaoshang 2012-08-23 02:54:33 UTC 
(In reply to comment #4)
> Are the certs that got written as the -1-key.pem/-1-cert.pem available?

The certs are not available. It can not unsubscribe in GUI. Following error dialog show up: "Entitlement Certificate with serial number -1 could not be found." But with command "subscription-manager unsubscribe --all", I can unsubscribe.
Attached the cert files
Comment 6 gaoshang 2012-08-23 02:57:34 UTC 
Created attachment 606435 [details]
cert file
Comment 7 gaoshang 2012-08-23 03:14:09 UTC 
Created attachment 606436 [details]
cert file 2

Failed to upload cert file "-1-key.pem" directly, so I compressed it. please decompress it with command "tar -zxvf key2.tar.gz"
Comment 8 gaoshang 2012-08-23 03:18:47 UTC 
Created attachment 606437 [details]
cert files
Comment 9 Li Bin Liu 2012-08-27 06:14:14 UTC 
Hi James,

 This bug is always blocking the Alpha build test, would you pls help take a look and resolve the issue asap? Thanks!
Comment 10 James Bowes 2012-08-28 20:18:53 UTC 
fixed in master, 09e8c89c4ab865f

should be in python-rhsm 1.0.6
Comment 13 gaoshang 2012-08-29 06:36:12 UTC 
This bug has been verfied and passed on 5.9 client 386
Comment 14 gaoshang 2012-08-29 06:40:59 UTC 
This bug has been verfied and passed with python-rhsm-1.0.6-1.el5 on RHEL 5.9 client i386.
Comment 17 gaoshang 2012-08-30 10:41:48 UTC 
On RHEL 5.9 client i386 with python-rhsm-1.0.6-1.el5, verified the issue as per the above steps and can get cert files with correct name under /etc/pki/entitlement/ as below:
#ls /etc/pki/entitlement/
3729695934511236014-key.pem 3729695934511236014.pem 

So marked this bug status as verified.
Comment 19 errata-xmlrpc 2013-01-08 07:17:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0039.html
Note You need to log in before you can comment on or make changes to this bug.