Project

Profile

Help

Issue #6424

An expired client RHSM Certificate should be denied

Added by bmbouter almost 2 years ago. Updated over 1 year ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Low
Assignee:
Sprint/Milestone:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Katello
Sprint:
Sprint 70
Quarter:

Associated revisions

Revision 9f05a5ee View on GitHub
Added by bmbouter almost 2 years ago

Add RHSM test ensuring expired certs deny content

This adds a test that ensures a trusted-but-expired RHSM certificate with a valid subpath is denied content.

The code worked already, but reported the reason for the failure incorrectly. This adds logic that disambiguates openssl failures due to client cert not being signed versus being expired.

https://pulp.plan.io/issues/6424 closes #6424

History

#1 Updated by bmbouter almost 2 years ago

  • Subject changed from An Expired client RHSM Certificate should be denied to An expired client RHSM Certificate should be denied

#2 Updated by bmbouter almost 2 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to bmbouter
  • Sprint set to Sprint 70

#3 Updated by jsherril@redhat.com almost 2 years ago

  • Tags Katello-P3 added

#4 Updated by bmbouter almost 2 years ago

  • Status changed from ASSIGNED to MODIFIED

#5 Updated by ggainey over 1 year ago

  • Priority changed from Normal to Low

#6 Updated by ggainey over 1 year ago

  • Tags Katello added
  • Tags deleted (Katello-P3)

#7 Updated by bmbouter over 1 year ago

  • Sprint/Milestone set to 1.0.0 Release

#8 Updated by bmbouter over 1 year ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Also available in: Atom PDF