Bug #34888
closed
Installer spams with katello-certs-check output when using custom certs
Description
b'Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=2073305 \n\n*Description of problem:*\nWhen using custom certs, and running the installer to enable a feature or anything, it re-runs katello-certs-check to verify certs and the output is visible on the shell, confusing the user:\n\n foreman-installer \n2022-04-08 07:46:31 [NOTICE] [root] Loading installer configuration. This will take some time.\n2022-04-08 07:46:38 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.\n2022-04-08 07:46:38 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.\nPackage versions are locked. Continuing with unlock.\nExecuting: katello-certs-check -c "/root/satellite_cert/satellite_cert.pem" -k "/root/satellite_cert/satellite_cert_key.pem" -b "/root/satellite_cert/ca_cert_bundle.pem"\ntput: No value for $TERM and no -T specified\ntput: No value for $TERM and no -T specified\ntput: No value for $TERM and no -T specified\ntput: No value for $TERM and no -T specified\nChecking server certificate encoding: [OK]\n\nChecking expiration of certificate: [OK]\n\nChecking expiration of CA bundle: [OK]\n\nChecking if server certificate has CA:TRUE flag [OK]\n\nChecking for private key passphrase: [OK]\n\nChecking to see if the private key matches the certificate: [OK]\n\nChecking CA bundle against the certificate file: [OK]\n\nChecking CA bundle size: 3\n[OK]\n\nChecking Subject Alt Name on certificate [OK]\n\nChecking if any Subject Alt Name on certificate matches the Subject CN\n[OK]\n\nChecking Key Usage extension on certificate for Key Encipherment [OK]\n\nChecking for use of shortname as CN\n[OK]\n\nValidation succeeded\n\n\nTo install the Red Hat Satellite server with the custom certificates, run:\n\n satellite-installer --scenario satellite \\\n --certs-server-cert "/root/satellite_cert/satellite_cert.pem" \\\n --certs-server-key "/root/satellite_cert/satellite_cert_key.pem" \\\n --certs-server-ca-cert "/root/satellite_cert/ca_cert_bundle.pem"\n\nTo update the certificates on a currently running Red Hat Satellite installation, run:\n\n satellite-installer --scenario satellite \\\n --certs-server-cert "/root/satellite_cert/satellite_cert.pem" \\\n --certs-server-key "/root/satellite_cert/satellite_cert_key.pem" \\\n --certs-server-ca-cert "/root/satellite_cert/ca_cert_bundle.pem" \\\n --certs-update-server --certs-update-server-ca\n\nTo use them inside a NEW $CAPSULE, rerun this command with -t capsule\n2022-04-08 07:46:53 [NOTICE] [configure] Starting system configuration.\n\xe2\x80\xa6\n\n*Version-Release number of selected component (if applicable):*\nforeman-installer-3.1.2.1-1.el8sat.noarch\nforeman-installer-katello-3.1.2.1-1.el8sat.noarch\nsatellite-installer-6.11.0.5-1.el8sat.noarch\n\n\n*How reproducible:*\n100%\n\n*Steps to Reproduce:*\n1. install with certs\n2. call installer again\n\n*Actual results:*\ncerts-check output as above\n\n*Expected results:*\nsilence\n\n*Additional info:*'
Updated by The Foreman Bot almost 2 years ago
- Status changed from New to Ready For Testing
- Assignee set to Eric Helms
- Pull request https://github.com/theforeman/foreman-installer/pull/770 added
Updated by Eric Helms almost 2 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset installer|688d0a7dc08fc78407ed84466f3b0861c3cbfc2f.
Updated by Amit Upadhye almost 2 years ago
- Subject changed from b'installer spams with katello-certs-check output when using custom certs' to installer spams with katello-certs-check output when using custom certs
Updated by Amit Upadhye almost 2 years ago
- Subject changed from installer spams with katello-certs-check output when using custom certs to Installer spams with katello-certs-check output when using custom certs
Updated by Ewoud Kohl van Wijngaarden 10 months ago
- Related to Bug #36567: katello-certs-check does not cause the installer to halt execution on failure added