First Last Prev Next    This bug is not in your last search results.
Bug 32763 - univention-certificate renew fails if hostname is substring of other host
univention-certificate renew fails if hostname is substring of other host
Status: RESOLVED DUPLICATE of bug 38859
Product: UCS
Classification: Unclassified
Component: SSL
UCS 3.1
Other Linux
: P5 normal (vote)
: UCS 3.2-x
Assigned To: Philipp Hahn
:
: 11298 28493 (view as bug list)
Depends on:
Blocks: 43576
  Show dependency treegraph
 
Reported: 2013-09-30 17:57 CEST by Dirk Ahrnke
Modified: 2017-02-17 17:50 CET (History)
4 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Ahrnke 2013-09-30 17:57:22 CEST 
Assuming an environment with the following UCS-hosts:
host.domain.tld
anotherhost.domain.tld

"univention-certificate renew -name host.domain.tld ..." will fail with "Error opening ucsCA/certs ..." because the the routine tries to handle non existing filenames.

This is caused by the usage of grep (line 338) in function renew_cert of /usr/share/univention-ssl/make-certificates.sh as it also matches for "anotherhost.domain.tld". Line  387 in function revoke_cert shows the same problem.
Comment 1 Philipp Hahn univentionstaff 2014-02-12 09:31:29 CET 
*** Bug 11298 has been marked as a duplicate of this bug. ***
Comment 2 Philipp Hahn univentionstaff 2016-06-22 13:30:15 CEST 
*** Bug 28493 has been marked as a duplicate of this bug. ***
Comment 3 Philipp Hahn univentionstaff 2016-06-22 13:44:18 CEST 
Fixed since r64182:
 univention-certificate new -name host.domain.tld -days 10
 univention-certificate new -name anotherhost.domain.tld -days 10
 univention-certificate renew -name host.domain.tld -days 10

*** This bug has been marked as a duplicate of bug 38859 ***
First Last Prev Next    This bug is not in your last search results.