search

pki-bot / pki-issues-final

0 stars 0 forks source link

pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided #1963

Closed pki-bot closed 3 years ago

pki-bot commented 3 years ago

This issue was migrated from Pagure Issue #2414. Originally filed by rpattath (@rpattath) on 2016-07-20 22:39:14:

pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided

Steps to Reproduce:

[root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-find --pkcs12-file ca.p12
--pkcs12-password-file password.txt
---------------
4 entries found
---------------
  Certificate ID: 3aea83b9dcbeb0df43ed5ffa4ac8e1113d8c73df
  Serial Number: 0x1
  Nickname: caSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: CTu,Cu,Cu
  Has Key: true

  Certificate ID: c996c15f08f30b1065c6f93479c6deb459c522d3
  Serial Number: 0x5
  Nickname: auditSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA Audit Signing Certificate,O=idm.lab.eng.rdu2.redhat.com
Security Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,Pu
  Has Key: true

  Certificate ID: ad25c38a6f54cba489fdfbd236e4f9c13deacc68
  Serial Number: 0x2
  Nickname: ocspSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA OCSP Signing Certificate,O=idm.lab.eng.rdu2.redhat.com
Security Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,u
  Has Key: true

  Certificate ID: 30667dde0d151d85a5dd22ef0162528b2fb40e09
  Serial Number: 0x4
  Nickname: subsystemCert cert-pki-tomcat
  Subject DN: CN=Subsystem Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,u
  Has Key: true
[root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-del "subsystemCert
cert-pki-tomcat CA" --pkcs12-file ca.p12 --pkcs12-password-file password.txt
------------------------------------------------------
Deleted certificate "subsystemCert cert-pki-tomcat CA"
------------------------------------------------------
[root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-find --pkcs12-file ca.p12
--pkcs12-password-file password.txt
---------------
4 entries found
---------------
  Certificate ID: 3aea83b9dcbeb0df43ed5ffa4ac8e1113d8c73df
  Serial Number: 0x1
  Nickname: caSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: CTu,Cu,Cu
  Has Key: true

  Certificate ID: c996c15f08f30b1065c6f93479c6deb459c522d3
  Serial Number: 0x5
  Nickname: auditSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA Audit Signing Certificate,O=idm.lab.eng.rdu2.redhat.com
Security Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,Pu
  Has Key: true

  Certificate ID: ad25c38a6f54cba489fdfbd236e4f9c13deacc68
  Serial Number: 0x2
  Nickname: ocspSigningCert cert-pki-tomcat CA
  Subject DN: CN=CA OCSP Signing Certificate,O=idm.lab.eng.rdu2.redhat.com
Security Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,u
  Has Key: true

  Certificate ID: 30667dde0d151d85a5dd22ef0162528b2fb40e09
  Serial Number: 0x4
  Nickname: subsystemCert cert-pki-tomcat
  Subject DN: CN=Subsystem Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security
Domain
  Trust Flags: u,u,u
  Has Key: true
pki-bot commented 3 years ago

Comment from mharmsen (@mharmsen) at 2016-07-21 23:10:29

Per PKI Bug Council of 07/21/2016: 10.3.5

pki-bot commented 3 years ago

Comment from mharmsen (@mharmsen) at 2016-08-08 22:56:20

Per CS/DS Meeting of 08/08/2016: 10.3.6

NOTE: As this ticket is probably not major, we decided to move it to 10.3.6. If we can get a 'Dogtag 10.3.6: Miscellaneous Enhancements' bug accepted with an exception flag, this bug would be a candidate for that. Otherwise, this bug will be moved to 10.4.

pki-bot commented 3 years ago

Comment from edewata (@edewata) at 2016-08-12 03:11:08

attachment 0001-Patch-to-fix-BZ-1358462.patch

pki-bot commented 3 years ago

Comment from edewata (@edewata) at 2016-08-30 00:02:33

Fixed in master (10.4):

pki-bot commented 3 years ago

Comment from mharmsen (@mharmsen) at 2016-08-30 00:20:38

Cherry-picked to DOGTAG_10_3_BRANCH:

commit 92b6378053ef427b3a73866dbee415f7ee32d5ae
Author: Geetika Kapoor <geetikakay@redhat.com>
Date:   Fri Aug 12 05:35:58 2016 -0400

    Fix for BZ 1358462

    (cherry picked from commit 4b48187b744f1cff2a64c4c5eb00866875a1f99d)
pki-bot commented 3 years ago

Comment from rpattath (@rpattath) at 2017-02-27 14:09:30

Metadata Update from @rpattath: