Project

General

Profile

Bug #27876

katello-certs-check should display an error if there is a passphrase protected key file

Added by Chris Roberts about 1 year ago. Updated 11 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
foreman-installer script
Target version:
Difficulty:
easy
Triaged:
No
Bugzilla link:

Description

katello-certs-check should display a warning if there is a passphrase protected

Version-Release number of selected component (if applicable):
satellite-6.6.0-5.beta.el7sat.noarch
foreman-installer-katello-1.22.0.8-1.el7sat.noarch

How reproducible:
Always

Steps to Reproduce:
1. Create a key with password protected
2. # openssl genrsa -aes128 -passout pass:foobar -out /root/sat_cert/satellite_cert_key.pem 4096
3. For verification use katello-certs-check

If you use a passphrase some of the services will not start:

Aug 30 23:08:44 vm250-205.gsslab.pnq2.redhat.com smart_proxy_dynflow_core23103: /opt/theforeman/tfm/root/usr/share/gems/gems/smart_proxy_dynflow_core-0.2.2/lib/smart_proxy_dynflow_core/launcher.rb:124:in `initialize': Neither PUB key nor PRIV key: nested asn1 error (OpenSSL::PKey::RSAError)

ourCA.crt ourCA.crt 1.34 KB Chris Roberts, 09/17/2019 06:37 PM
privkey.pem privkey.pem 1.79 KB Chris Roberts, 09/17/2019 06:37 PM
server.crt server.crt 1.1 KB Chris Roberts, 09/17/2019 06:37 PM

Associated revisions

Revision 8987d032 (diff)
Added by Chris Roberts 12 months ago

Fixes #27876 - Add check for passphrase on key

History

#1 Updated by Chris Roberts about 1 year ago

  • Target version set to 1.24.0

#2 Updated by Chris Roberts about 1 year ago

#3 Updated by The Foreman Bot about 1 year ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-installer/pull/393 added

#4 Updated by Chris Roberts about 1 year ago

Pomegranate is the password for the private key

#5 Updated by The Foreman Bot 12 months ago

  • Fixed in Releases 2.0.0 added

#6 Updated by Chris Roberts 12 months ago

  • Status changed from Ready For Testing to Closed

#7 Updated by Tomer Brisker 11 months ago

  • Fixed in Releases 1.24.0 added
  • Fixed in Releases deleted (2.0.0)

Also available in: Atom PDF