Bug #20054: katello-certs-check does not check server certificate's encoding - Katello - Foreman

Bug #20054

katello-certs-check does not check server certificate's encoding

Added by Russell Dickenson about 5 years ago. Updated almost 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Russell Dickenson

Category:

Installer

Target version:

Difficulty:

easy

Triaged:

Yes

Bugzilla link:

Pull request:

https://github.com/Katello/katello-installer/pull/528, https://github.com/Katello/katello-installer/pull/606, https://github.com/Katello/katello-installer/pull/587

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

Clone from RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1463018

Description of problem: The Bash script `katello-certs-check` does not verify server's certificate is PEM encoded, resulting in failure to install the certificate.

How reproducible: Every time.

Steps to Reproduce:
1. Generate an SSL certificate for the Satellite Server.
2. Convert it into DER format.
3. Install the certificate (in DER encoding) in Satellite.

Actual results: Instances of the following errors appear in log file /var/log/foreman-proxy/proxy.log:
-----
OpenSSL::SSL:SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca
-----

Expected results: The custom SSL certificate is installed successfully.

Associated revisions

Revision 097a7e20 (diff)
Added by Russell Dickenson over 4 years ago

Fixes #20054 - Add test if server's certificate is PEM encoded.

History

#1 Updated by Daniel Lobato Garcia about 5 years ago

Bugzilla link set to 1463018

#2 Updated by Justin Sherrill about 5 years ago

Legacy Backlogs Release (now unused) set to 258

#3 Updated by Eric Helms about 5 years ago

Legacy Backlogs Release (now unused) changed from 258 to 267

#4 Updated by Justin Sherrill almost 5 years ago

Legacy Backlogs Release (now unused) changed from 267 to 281

#5 Updated by Eric Helms almost 5 years ago

Legacy Backlogs Release (now unused) changed from 281 to 286

#6 Updated by The Foreman Bot almost 5 years ago

Status changed from New to Ready For Testing

#7 Updated by The Foreman Bot almost 5 years ago

Pull request https://github.com/Katello/katello-installer/pull/528 added

#8 Updated by Eric Helms almost 5 years ago

Pull request deleted (~~https://github.com/Katello/katello-installer/pull/514~~)

#9 Updated by Eric Helms almost 5 years ago

Legacy Backlogs Release (now unused) changed from 286 to 295

#10 Updated by The Foreman Bot over 4 years ago

Pull request https://github.com/Katello/katello-installer/pull/587 added

#11 Updated by Anonymous over 4 years ago

% Done changed from 0 to 100
Status changed from Ready For Testing to Closed

Applied in changeset katello-installer|097a7e20c2b4074e1e22c28e106b1fd3d5c79e86.

#12 Updated by The Foreman Bot over 4 years ago

Pull request https://github.com/Katello/katello-installer/pull/606 added

Also available in: Atom PDF