pki pkcs12-cert-mod gives a success message when a non-existing nickname is provided
Steps to Reproduce:
[root@qe-blade-09 ~]# pki pkcs12-cert-find --pkcs12-file ca.p12 --pkcs12-password-file password.txt --------------- 6 entries found --------------- Certificate ID: e5265d08d36cde2bdff5caf5eeeb783d7a06b9a9 Serial Number: 0xa Nickname: caSigningCert cert-pki-subca Subject DN: CN=Certificate Authority 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority,OU=pki-rootca,O=IdmqeLabEngBosRedhat Domain Has Key: true Certificate ID: 895682d8630ce9995ea6b7ad924b97e0424662d Serial Number: 0x1 Nickname: ocspSigningCert cert-pki-subca Subject DN: CN=OCSP Signing Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Has Key: true Certificate ID: c0b211501718d3e72118c0df578e1d7595f74136 Serial Number: 0x3 Nickname: auditSigningCert cert-pki-subca Subject DN: CN=CA Audit Signing Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Has Key: true Certificate ID: da8b3c14905f88d435a55c5d9ad3c7e85b11367b Serial Number: 0x1 Nickname: Certificate Authority - pki-rootca - IdmqeLabEngBosRedhat Domain Subject DN: CN=Certificate Authority,OU=pki-rootca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority,OU=pki-rootca,O=IdmqeLabEngBosRedhat Domain Has Key: false Certificate ID: f086e60c6f211bd2940b420e2ac6d3c1a8256919 Serial Number: 0x2 Nickname: Server-Cert cert-pki-subca Subject DN: CN=qe-blade-03.idmqe.lab.eng.bos.redhat.com,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Has Key: true Certificate ID: 37b1e733caed07e9ef918c07aaba2c23898b1867 Serial Number: 0xb Nickname: subsystemCert cert-pki-subca Subject DN: CN=CA Subsystem Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Issuer DN: CN=Certificate Authority,OU=pki-rootca,O=IdmqeLabEngBosRedhat Domain Has Key: true [root@qe-blade-09 ~]# pki pkcs12-key-find --pkcs12-file ca.p12 --pkcs12-password-file password.txt --------------- 5 entries found --------------- Key ID: e5265d08d36cde2bdff5caf5eeeb783d7a06b9a9 Subject DN: CN=Certificate Authority 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Key ID: 895682d8630ce9995ea6b7ad924b97e0424662d Subject DN: CN=OCSP Signing Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Key ID: c0b211501718d3e72118c0df578e1d7595f74136 Subject DN: CN=CA Audit Signing Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Key ID: f086e60c6f211bd2940b420e2ac6d3c1a8256919 Subject DN: CN=qe-blade-03.idmqe.lab.eng.bos.redhat.com,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain Key ID: 37b1e733caed07e9ef918c07aaba2c23898b1867 Subject DN: CN=CA Subsystem Certificate 1,OU=pki-subca,O=IdmqeLabEngBosRedhat Domain [root@qe-blade-09 ~]# pki pkcs12-cert-mod "caSigningCert cert-pki-rootCA" --pkcs12-file ca.p12 --pkcs12-password-file password.txt --trust-flags "CTu,Cu,Cu" --------------------------------------------------- Updated certificate "caSigningCert cert-pki-rootCA" ---------------------------------------------------
Expected results:
pki pkcs12-cert-mod should fail with an appropriate error message
Per 10.5.x/10.6 Triage: FUTURE
edewata: negative case
Metadata Update from @mharmsen: - Custom field component adjusted to None - Custom field feature adjusted to None - Custom field origin adjusted to None - Custom field proposedmilestone adjusted to None - Custom field proposedpriority adjusted to None - Custom field reviewer adjusted to None - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1537307 - Custom field type adjusted to None - Custom field version adjusted to None
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/3103
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Metadata Update from @dmoluguw: - Issue close_status updated to: migrated - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.