pki pkcs12-cert-del shows a successfully deleted message when a wrong nickname is provided
Steps to Reproduce:
[root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-find --pkcs12-file ca.p12 --pkcs12-password-file password.txt --------------- 4 entries found --------------- Certificate ID: 3aea83b9dcbeb0df43ed5ffa4ac8e1113d8c73df Serial Number: 0x1 Nickname: caSigningCert cert-pki-tomcat CA Subject DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: CTu,Cu,Cu Has Key: true Certificate ID: c996c15f08f30b1065c6f93479c6deb459c522d3 Serial Number: 0x5 Nickname: auditSigningCert cert-pki-tomcat CA Subject DN: CN=CA Audit Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,Pu Has Key: true Certificate ID: ad25c38a6f54cba489fdfbd236e4f9c13deacc68 Serial Number: 0x2 Nickname: ocspSigningCert cert-pki-tomcat CA Subject DN: CN=CA OCSP Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,u Has Key: true Certificate ID: 30667dde0d151d85a5dd22ef0162528b2fb40e09 Serial Number: 0x4 Nickname: subsystemCert cert-pki-tomcat Subject DN: CN=Subsystem Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,u Has Key: true [root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-del "subsystemCert cert-pki-tomcat CA" --pkcs12-file ca.p12 --pkcs12-password-file password.txt ------------------------------------------------------ Deleted certificate "subsystemCert cert-pki-tomcat CA" ------------------------------------------------------ [root@nocp1 ~]# pki -d certdb -c redhat pkcs12-cert-find --pkcs12-file ca.p12 --pkcs12-password-file password.txt --------------- 4 entries found --------------- Certificate ID: 3aea83b9dcbeb0df43ed5ffa4ac8e1113d8c73df Serial Number: 0x1 Nickname: caSigningCert cert-pki-tomcat CA Subject DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: CTu,Cu,Cu Has Key: true Certificate ID: c996c15f08f30b1065c6f93479c6deb459c522d3 Serial Number: 0x5 Nickname: auditSigningCert cert-pki-tomcat CA Subject DN: CN=CA Audit Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,Pu Has Key: true Certificate ID: ad25c38a6f54cba489fdfbd236e4f9c13deacc68 Serial Number: 0x2 Nickname: ocspSigningCert cert-pki-tomcat CA Subject DN: CN=CA OCSP Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,u Has Key: true Certificate ID: 30667dde0d151d85a5dd22ef0162528b2fb40e09 Serial Number: 0x4 Nickname: subsystemCert cert-pki-tomcat Subject DN: CN=Subsystem Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Issuer DN: CN=CA Signing Certificate,O=idm.lab.eng.rdu2.redhat.com Security Domain Trust Flags: u,u,u Has Key: true
Per PKI Bug Council of 07/21/2016: 10.3.5
Per CS/DS Meeting of 08/08/2016: 10.3.6
NOTE: As this ticket is probably not major, we decided to move it to 10.3.6. If we can get a 'Dogtag 10.3.6: Miscellaneous Enhancements' bug accepted with an exception flag, this bug would be a candidate for that. Otherwise, this bug will be moved to 10.4.
attachment 0001-Patch-to-fix-BZ-1358462.patch
Fixed in master (10.4):
Cherry-picked to DOGTAG_10_3_BRANCH:
commit 92b6378053ef427b3a73866dbee415f7ee32d5ae Author: Geetika Kapoor <gkapoor@redhat.com> Date: Fri Aug 12 05:35:58 2016 -0400 Fix for BZ 1358462 (cherry picked from commit 4b48187b744f1cff2a64c4c5eb00866875a1f99d)
Metadata Update from @rpattath: - Issue set to the milestone: 10.3.6
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/2534
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.