Bug 46037 - 01_base/81alternativessl fails
01_base/81alternativessl fails
Status: CLOSED FIXED
Product: UCS Test
Classification: Unclassified
Component: General
unspecified
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Jürn Brodersen
Philipp Hahn
: interim-2
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-01-15 13:10 CET by Florian Best
Modified: 2018-03-14 14:38 CET (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2018-01-15 13:10:26 CET
[2018-01-14 19:10:12.006011] List all certificates
[2018-01-14 19:10:12.006584] 01	master091.AutoTest091.local
[2018-01-14 19:10:12.006608] 02	ucs-sso.AutoTest091.local
[2018-01-14 19:10:12.295565] Creating certificate: ucs-test
(2018-01-14 19:10:12.298379) no certificate for ucs-test registered
(2018-01-14 19:10:12.986486) Generating RSA private key, 2048 bit long modulus
(2018-01-14 19:10:13.056581) ......................+++
(2018-01-14 19:10:13.153556) ................................+++
(2018-01-14 19:10:13.156682) e is 65537 (0x010001)
(2018-01-14 19:10:13.219630) Using configuration from /etc/univention/ssl/openssl.cnf
(2018-01-14 19:10:13.220309) Check that the request matches the signature
(2018-01-14 19:10:13.220463) Signature ok
(2018-01-14 19:10:13.220512) The Subject's Distinguished Name is as follows
(2018-01-14 19:10:13.220676) countryName           :PRINTABLE:'US'
(2018-01-14 19:10:13.233236) stateOrProvinceName   :PRINTABLE:'US'
(2018-01-14 19:10:13.233257) localityName          :PRINTABLE:'US'
(2018-01-14 19:10:13.233268) organizationName      :PRINTABLE:'US'
(2018-01-14 19:10:13.233278) organizationalUnitName:PRINTABLE:'Univention Corporate Server'
(2018-01-14 19:10:13.233289) commonName            :PRINTABLE:'ucs-test'
(2018-01-14 19:10:13.233300) emailAddress          :IA5STRING:'ssl@'
(2018-01-14 19:10:13.233310) Certificate is to be certified until Jan 14 00:10:13 2023 GMT (1825 days)
(2018-01-14 19:10:13.233320) Write out database with 1 new entries
(2018-01-14 19:10:13.233328) Data Base Updated
[2018-01-14 19:10:18.048698] Dateien /tmp/tmp.nfpzDXfXZa und /etc/univention/ssl/ucs-test/cert.pem sind verschieden.
[2018-01-14 19:10:18.147594] Unsetting apache2/ssl/certificate
[2018-01-14 19:10:18.177827] Unsetting apache2/ssl/key
[2018-01-14 19:10:18.546511] Multifile: /etc/simplesamlphp/metadata/saml20-idp-hosted.php
[2018-01-14 19:10:18.729477] Multifile: /etc/apache2/sites-available/default-ssl.conf
[2018-01-14 19:10:24.042961] Dateien /tmp/tmp.nfpzDXfXZa und /etc/univention/ssl/ucs-test/cert.pem sind verschieden.
[2018-01-14 19:10:24.043232] und das ist auch gut so!
[2018-01-14 19:10:24.640226] Revoke certificate: ucs-test
(2018-01-14 19:10:24.672810) Using configuration from /etc/univention/ssl/openssl.cnf
(2018-01-14 19:10:24.673514) Revoking Certificate 0C.
(2018-01-14 19:10:24.673831) Data Base Updated
(2018-01-14 19:10:24.676149) Using configuration from /etc/univention/ssl/openssl.cnf
(2018-01-14 19:10:24.858573) W: The config registry variable 'apache2/ssl/certificate' does not exist
(2018-01-14 19:10:24.858665) W: The config registry variable 'apache2/ssl/key' does not exist

http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-0/job/AutotestJoin/lastCompletedBuild/SambaVersion=s4,Systemrolle=master/testReport/01_base/81alternativessl/test/

The test case should also display more obvious what's wrong.
Comment 1 Jürn Brodersen univentionstaff 2018-02-06 14:56:46 CET
baa5d31b: Fix 01_base/81alternativessl

The certificate parsed by openssl looked a little bit different than the stored one. -> Parse the stored one as well.
I also removed the dependency on eth0 by connecting to localhost.
Comment 3 Stefan Gohmann univentionstaff 2018-03-14 14:38:31 CET
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".