Docs incorrectly recommend to users they escape newlines from their ca_cert and client_cert
The BaseRemote.ca_cert and BaseRemote.client_cert fields the current serializers tell the user "All new line characters must be escaped". You can see that here.
There are two issues with this:
It's not needed. For example pulp-certguard allows users to submit certs without modification, they are saved in the database, and openssl uses them correctly.
It's extra work for users.
- Update the serializers to not have newlines escaped
- Audit the handling of these fields throughout the code and remove any "unescaping" that is done
- Add a
.removalrelease note indicating this is a breaking change and users will need to re-save their ca_cert and client_cert fields
- Audit client_key as well just for good measure
- Add a test that sync's content where a ca_cert is required
- Add a test that sync's content where a client_cert and client_key is required
How to add these tests?¶
These tests will use the Red Hat CDN and will use a test certificate and key registered to pulp-infra, along with the master ca_cert of the Red Hat CDN. The test certs will be stored as a Travis secret and made available to the tests via environment variables. If the test goes to run and the environment variables are not present the test should skip.