Actions
Issue #6424
closed
An expired client RHSM Certificate should be denied
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Katello
Sprint:
Sprint 70
Quarter:
Actions
.
Add RHSM test ensuring expired certs deny content
This adds a test that ensures a trusted-but-expired RHSM certificate with a valid subpath is denied content.
The code worked already, but reported the reason for the failure incorrectly. This adds logic that disambiguates openssl failures due to client cert not being signed versus being expired.
https://pulp.plan.io/issues/6424 closes #6424