Bug #16299
katello-certs-check should check the certificate type
Difficulty:
easy
Triaged:
Bugzilla link:
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1252540
Description of problem:
We were under impression that the custom certificate needed to be a ca cert. It needs to be a server cert. However running katello-certs-check did not complain about this. It did give problems later in the process (yum was not able to communicate with satellite)
Version-Release number of selected component (if applicable):
How reproducible:
Create a custom ca cert, signed by a custom root ca and feed it to the katello-certs-check. It doesn't complain.
Steps to Reproduce:
1.
2.
3.
Actual results:
Validation successful
Expected results:
Validation unsuccessful, wrong certificate type
Additional info:
Associated revisions
History
#1
Updated by Justin Sherrill almost 6 years ago
Updated by - Subject changed from katello-certs-check should check the certificate type to katello-certs-check should check the certificate type
- Legacy Backlogs Release (now unused) set to 114
#2
Updated by Chris Roberts about 5 years ago
Updated by - Status changed from New to Assigned
- Assignee set to Chris Roberts
- Target version set to 187
- Difficulty set to easy
#3
Updated by The Foreman Bot about 5 years ago
Updated by - Status changed from Assigned to Ready For Testing
- Legacy Backlogs Release (now unused) deleted (
114) - Pull request https://github.com/Katello/katello-installer/pull/503 added
#4
Updated by Chris Roberts about 5 years ago
- Status changed from Ready For Testing to Resolved
- Legacy Backlogs Release (now unused) set to 228
Fixes #16299 - add check for CA flag on server crt