freeipa

Clone
Source Code
GIT

#4711 Trust setting not restored for CA cert with ipa-restore command
Closed: Fixed None Opened 9 years ago by jcholast.

Closed: Fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1159011

Description of problem:
Trust settings of CA cert not restored correctly in nss db. This observed while
execution of ipa-restore which restores /etc/httpd/alias nss db which was
backuped earlier and it causes httpd service restart failure. Consequently ipa
service restart fails.

Version-Release number of selected component (if applicable):
[root@dhcp207-187 ~]# rpm -q ipa-server nss-tools nss
ipa-server-4.1.0-3.el7.x86_64
nss-tools-3.16.2-9.el7.x86_64
nss-3.16.2-9.el7.x86_64
[root@dhcp207-187 ~]#

How reproducible:
Always.

Steps to Reproduce:
1. Please find the attached file (steps-with-console-output.txt) for detail.

Actual results:
Trust settings of CA cert not restored correctly.

Expected results:
Trust settings of CA cert should have been restored correctly

Additional info:

master:

  • 2639997 Fix CA certificate backup and restore

ipa-4-1:

  • 7c2aad1 Fix CA certificate backup and restore

Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=951581 (Red Hat Enterprise Linux 7)

Metadata Update from @jcholast:
- Issue assigned to jcholast
- Issue set to the milestone: FreeIPA 4.1.2
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
Backup
None
1
None
None
pviktori
None
https://bugzilla.redhat.com/show_bug.cgi?id=1159011, https://bugzilla.redhat.com/show_bug.cgi?id=951581
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.