[SAT-28012] Custom certificates on Capsules broken

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: 6.16.0
Affects Version/s: 6.16.0
Component/s: Foreman Proxy
Labels:
- team-triaged
- triaged

Satellite Team:

Platform
Target Version:

6.16.0
Blocked:
False
Fixed in Build:
foreman-installer-3.12.0-1
Severity:
Important

Release Note Type:
None
Release Note Text:
None
Release Note Status:
None

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Test Coverage:

To Do
Regression:
Yes

Market:

Description of problem:

See https://github.com/theforeman/puppet-certs/issues/456 for all the details. It was fixed in https://github.com/theforeman/puppet-certs/commit/15a3cc2c81ecf976380f99143d83741e565d95f0. This was broken since https://github.com/theforeman/puppet-certs/commit/433dadc5ec41c2477fc6a04e056ca061fd818980 which landed in Foreman 3.11.

Luckily this was found in the upstream community, but the big question is why this wasn't caught in Stream or even 6.16 snap testing.

How reproducible:

Always

Is this issue a regression from an earlier version:

Yes.

Steps to Reproduce:

1. Install Satellite with custom certificates
2. Install Capsule with custom certificates

Actual behavior:

/root/ssl-build/katello-server-ca.crt gets overwritten with the contents of /root/ssl-build/katello-default-ca.crt instead of the user provided custom certificate

Expected behavior:

User provided custom certificate is used

Business Impact / Additional info:

This is a primary workflow and we should have noticed this very quickly in Stream.

causes

SAT-28094 Add Capsule installation and smoke tests that use custom certificates

Backlog

links to

RHBA-2024:140284 Important: Satellite 6.16.0 release

Errata Tool added a comment - 2024/11/05 5:29 PM

Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

For information on the advisory (Critical: Satellite 6.16.0 release), and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2024:8906

Errata Tool added a comment - 2024/11/05 5:29 PM Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Critical: Satellite 6.16.0 release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:8906

Jameer Pathan added a comment - 2024/10/07 2:38 PM - edited

Verified successful installation of Satellite and Capsule 6.16 (snap 8.0) with custom certificate.

Jameer Pathan added a comment - 2024/10/07 2:38 PM - edited Verified successful installation of Satellite and Capsule 6.16 (snap 8.0) with custom certificate.

Assignee:: Ewoud Kohl van Wijngaarden

Reporter:: Ewoud Kohl van Wijngaarden

QA Contact:: Jameer Pathan

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024/09/16 12:42 PM

Updated:: 2024/11/05 5:29 PM

Resolved:: 2024/11/05 5:29 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

Collapse comment: Errata Tool added a comment - 2024/11/05 5:29 PM

Expand comment: Errata Tool added a comment - 2024/11/05 5:29 PM

Collapse comment: Jameer Pathan added a comment - 2024/10/07 2:38 PM, Edited by Jameer Pathan - 2024/10/07 2:38 PM

Expand comment: Jameer Pathan added a comment - 2024/10/07 2:38 PM, Edited by Jameer Pathan - 2024/10/07 2:38 PM

People

Dates