Description of problem: Upgrade of pulp server clobbers the /etc/pki/pulp/ca.crt and breaks httpd Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Install pulp-server-2.1.1-1.el6.noarch on Centos6 2. modify /etc/pki/pulp/ca.crt to be your own certificate 2. Install pulp-server-2.1.3-1.el6.noarch 3. service httpd restart Actual results: httpd restart fails. See error at the bottom of page. Expected results: I think maybe the certs should be marked as config in the rpm [root@ld4repo02 tmp]# rpm -qc pulp-server /etc/httpd/conf.d/pulp.conf /etc/pulp/logging/basic.cfg /etc/pulp/logging/db.cfg /etc/pulp/logging/unit_tests.cfg /etc/pulp/server.conf Additional info: error from log file /var/log/httpd/ssl_error_log [Wed Aug 07 12:04:22 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Wed Aug 07 12:04:22 2013] [warn] RSA server certificate CommonName (CN) `localhost' does NOT match server name!? [Wed Aug 07 12:04:22 2013] [error] Unable to configure RSA server private key [Wed Aug 07 12:04:22 2013] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
https://github.com/pulp/pulp/pull/627
Generated on new install only.
build: 2.3.0-0.15.alpha
verified, Upgraded 2.2 to 2.3 [root@sun-x4200-01 ~]# ls -l /etc/pki/pulp/ total 12 -rw-r--r--. 1 apache apache 1143 Sep 6 17:16 ca.crt -rw-r--r--. 1 apache apache 1679 Sep 6 17:16 ca.key drwxr-xr-x. 2 apache apache 4096 Sep 6 17:17 content [root@sun-x4200-01 ~]# [root@sun-x4200-01 ~]# yum update @pulp-server @pulp-admin Loaded plugins: product-id, rhnplugin, security, subscription-manager [root@sun-x4200-01 ~]# ls -l /etc/pki/pulp/ total 12 -rw-r--r--. 1 apache apache 1143 Sep 6 17:16 ca.crt -rw-r--r--. 1 apache apache 1679 Sep 6 17:16 ca.key drwxr-xr-x. 2 apache apache 4096 Sep 26 16:44 content
Pulp 2.3 released.