Bug #20054: katello-certs-check does not check server certificate's encoding - Katello - Foreman

Actions

Bug #20054

closed

katello-certs-check does not check server certificate's encoding

Added by Russell Dickenson almost 7 years ago. Updated almost 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Russell Dickenson

Category:

Installer

Target version:

Difficulty:

easy

Triaged:

Bugzilla link:

Pull request:

https://github.com/Katello/katello-installer/pull/528, https://github.com/Katello/katello-installer/pull/587, https://github.com/Katello/katello-installer/pull/606

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

Clone from RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1463018

Description of problem: The Bash script `katello-certs-check` does not verify server's certificate is PEM encoded, resulting in failure to install the certificate.

How reproducible: Every time.

Steps to Reproduce:
1. Generate an SSL certificate for the Satellite Server.
2. Convert it into DER format.
3. Install the certificate (in DER encoding) in Satellite.

Actual results: Instances of the following errors appear in log file /var/log/foreman-proxy/proxy.log:
-----
OpenSSL::SSL:SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca
-----

Expected results: The custom SSL certificate is installed successfully.

Actions

#1

Updated by Daniel Lobato Garcia almost 7 years ago

Bugzilla link set to 1463018

Actions

#2

Updated by Justin Sherrill almost 7 years ago

translation missing: en.field_release set to 258

Actions

#3

Updated by Eric Helms almost 7 years ago

translation missing: en.field_release changed from 258 to 267

Actions

#4

Updated by Justin Sherrill almost 7 years ago

translation missing: en.field_release changed from 267 to 281

Actions

#5

Updated by Eric Helms over 6 years ago

translation missing: en.field_release changed from 281 to 286

Actions

#6

Updated by The Foreman Bot over 6 years ago

Status changed from New to Ready For Testing

Actions

#7

Updated by The Foreman Bot over 6 years ago

Pull request https://github.com/Katello/katello-installer/pull/528 added

Actions

#8

Updated by Eric Helms over 6 years ago

Pull request deleted (~~https://github.com/Katello/katello-installer/pull/514~~)

Actions

#9

Updated by Eric Helms over 6 years ago

translation missing: en.field_release changed from 286 to 295

Actions

#10

Updated by The Foreman Bot about 6 years ago

Pull request https://github.com/Katello/katello-installer/pull/587 added

Actions

#11

Updated by Anonymous about 6 years ago

Status changed from Ready For Testing to Closed
% Done changed from 0 to 100

Applied in changeset katello-installer|097a7e20c2b4074e1e22c28e106b1fd3d5c79e86.

Actions

#12

Updated by The Foreman Bot about 6 years ago

Pull request https://github.com/Katello/katello-installer/pull/606 added

Actions

Also available in: Atom PDF