Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: rhel-9.2.0.z
Affects Version/s: rhel-9.2.0.z
Component/s: ipa
Labels:
- sustaining

Regression:
No
Severity:
Low

Pool Team:

rhel-sst-idm-ipa
Sub-System Group:

ssg_idm

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
Unspecified Release Note Type - Unknown

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Upon the actual test log from https://idm-artifacts.psi.redhat.com/idm-ci/freeipa/Nightly-Z/RHEL9.2/2024-08-18_07-00/tier-1/upstream-acme-pruning/2/report.html ...

INFO     ipatests.pytest_ipa.integration.host.Host.client1.IPAOpenSSHTransport:transport.py:391 RUN ['date', '-s', '+90days+60minutes']
DEBUG    ipatests.pytest_ipa.integration.host.Host.client1.cmd74:transport.py:513 RUN ['date', '-s', '+90days+60minutes']
DEBUG    ipatests.pytest_ipa.integration.host.Host.client1.cmd74:transport.py:557 Sun Nov 17 03:27:39 EST 2024

=> The current time is Nov 17 03:27:39 EST 2024. (Nov 17 08:27:39 UTC 2024)

INFO     ipatests.pytest_ipa.integration.host.Host.master.IPAOpenSSHTransport:transport.py:391 RUN ['ipa', 'cert-find', '--subject', 'client1.testrelm.test']
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:513 RUN ['ipa', 'cert-find', '--subject', 'client1.testrelm.test']
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 ---------------------
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 1 certificate matched
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 ---------------------
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Issuing CA: ipa
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Subject: CN=client1.testrelm.test
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Issuer: CN=Certificate Authority,O=TESTRELM.TEST
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Not Before: Mon Aug 19 07:27:38 2024 UTC
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Not After: Sun Nov 17 08:27:38 2024 UTC
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Serial number: 43714552431257679878392104594644248812
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Serial number (hex): 0x20E31DD66FA12C4097CFD0CDF2E9A8EC
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Status: VALID
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557   Revoked: False
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 ----------------------------
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 Number of entries returned 1
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:557 ----------------------------
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd104:transport.py:217 Exit code: 0

==> The certificate was expired in Nov 17 08:27:38 2024 UTC. (just before 1 second).

DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:513 RUN ['ipa-acme-manage', 'pruning', '--enable']
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Status: enabled
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 The ipa-acme-manage command was successful
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Certificate Retention Time: 60
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Certificate Retention Unit: minute
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Certificate Search Size Limit: 2000
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Certificate Search Time Limit: 5
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Request Retention Time: 60
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Request Retention Unit: minute
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Request Search Size Limit: 2000
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 Request Search Time Limit: 5
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 cron Schedule: 0 23 1 * *
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:557 The CA service must be restarted for changes to take effect
DEBUG    ipatests.pytest_ipa.integration.host.Host.master.cmd105:transport.py:217 Exit code: 0

=> Certificate Retention Time was 60 minutes. The expired cert is not deleted. Because 60 mins have not passed after the expiration.

Assignee:: Prasad Kalanke

Reporter:: Prasad Kalanke

Contributors:: Masahiro Matsuya

Developer:: Florence Renaud

QA Contact:: Masahiro Matsuya

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/08/22 6:42 AM

Updated:: 2024/10/22 11:58 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates