Bug 968906 - upgrade 3.2_pre-relase->3.2 pki artifacts are reset to relative paths
Summary: upgrade 3.2_pre-relase->3.2 pki artifacts are reset to relative paths
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.2.0
Hardware: Unspecified
OS: Unspecified
urgent
unspecified
Target Milestone: ---
: 3.3.0
Assignee: Alon Bar-Lev
QA Contact: Leonid Natapov
URL:
Whiteboard: infra
Depends On:
Blocks: 969072
TreeView+ depends on / blocked
 
Reported: 2013-05-30 09:12 UTC by Alon Bar-Lev
Modified: 2016-02-10 19:35 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 969072 (view as bug list)
Environment:
Last Closed: 2014-01-21 22:18:40 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 15184 0 None None None Never

Description Alon Bar-Lev 2013-05-30 09:12:23 UTC 
BACKGROUND

There is a bug in engine-config that existed since beginning of time, it does not take the CABaseDirectory into account.
However, both the setup and the upgrade set full path for all pki artifacts, this is why this bug has been never discovered.

DESCRIPTION

The database upgrade script puts two values per default, these are relative:
select fn_db_update_config_value('keystoreUrl','keys/engine.p12','general');
select fn_db_update_config_value('TruststoreUrl','.truststore','general');

When system is upgraded from 3.1, after database upgrade the engine-upgrade script will convert keys to PKCS#12 format, and overwrite database settings.

However, if you upgrade from 3.2 to 3.2, then the engine-upgrade script does not overwrite the setting, leaving relative paths.

WORKAROUND

Modify keystoreUrl and truststoreUrl within database to absolute paths.
Comment 3 Itamar Heim 2013-05-30 12:27:59 UTC 
moving to modified for 3.3, as issue shouldn't happen.
Comment 7 Leonid Natapov 2013-07-17 12:59:37 UTC 
is5. verified.  pki settings moved into configuration
Comment 8 Itamar Heim 2014-01-21 22:18:40 UTC 
Closing - RHEV 3.3 Released
Comment 9 Itamar Heim 2014-01-21 22:25:00 UTC 
Closing - RHEV 3.3 Released
Note You need to log in before you can comment on or make changes to this bug.