Project

General

Profile

Bug #8850

puppet ordering causing failure to import gutterball certificate into katello nssdb

Added by dustin tsang over 7 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Installer
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

getting a SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format installing nightly katello
cert is being imported before nssdb is created.

[ WARN 2015-01-06 13:28:28 verbose] /Stage[main]/Certs::Gutterball/Certs::Ssltools::Certutil[guterball-amqp-client]/Exec[delete guterball-amqp-client]: Triggered 'refresh' from 1 events
[ WARN 2015-01-06 13:28:28 verbose] /Stage[main]/Certs::Gutterball/Certs::Ssltools::Certutil[guterball-amqp-client]/Exec[guterball-amqp-client]/returns: certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format.
[ERROR 2015-01-06 13:28:28 verbose] /Stage[main]/Certs::Gutterball/Certs::Ssltools::Certutil[guterball-amqp-client]/Exec[guterball-amqp-client]: Failed to call refresh: certutil -A -d '/etc/pki/katello/nssdb' -n 'guterball-amqp-client' -t ',,' -a -i '/etc/pki/katello/gutterball.crt' returned 255 instead of one of [0]
[ERROR 2015-01-06 13:28:28 verbose] /Stage[main]/Certs::Gutterball/Certs::Ssltools::Certutil[guterball-amqp-client]/Exec[guterball-amqp-client]: certutil -A -d '/etc/pki/katello/nssdb' -n 'guterball-amqp-client' -t ',,' -a -i '/etc/pki/katello/gutterball.crt' returned 255 instead of one of [0]


Related issues

Blocks Katello - Tracker #5311: GutterballResolved2014-04-21

Associated revisions

Revision 999cd65c (diff)
Added by dustin tsang over 7 years ago

Fixes #8850 - import gutterball cert after katello nssdb exists

Revision 59ebfc68
Added by dustin tsang over 7 years ago

Merge pull request #42 from dustints/fix_order_import_nssdb

Fixes #8850 - import gutterball cert after katello nssdb exists

History

#1 Updated by dustin tsang over 7 years ago

#2 Updated by Eric Helms over 7 years ago

  • Target version set to 63
  • Legacy Backlogs Release (now unused) set to 14
  • Triaged changed from No to Yes

#3 Updated by Eric Helms over 7 years ago

  • Target version changed from 63 to 66

#4 Updated by Eric Helms over 7 years ago

  • Legacy Backlogs Release (now unused) changed from 14 to 23

#5 Updated by dustin tsang over 7 years ago

  • Status changed from New to Closed
  • Pull request https://github.com/Katello/puppet-certs/pull/42 added
  • Pull request deleted ()

Also available in: Atom PDF