First Last Prev Next    This bug is not in your last search results.
Bug 55067 - consider removal UMC module "certificate settings"
consider removal UMC module "certificate settings"
Status: NEW
Product: UCS
Classification: Unclassified
Component: UMC - Certificate settings
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: UMC maintainers
UMC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-08-04 11:19 CEST by Dirk Ahrnke
Modified: 2022-08-04 11:29 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 6: Setup Problem: Issue for the setup process
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Ahrnke univentionstaff 2022-08-04 11:19:56 CEST 
The usiage of the UMC module "certificate settings" will most likely even in a non-complex environment cause more or less severe problems.
In any case additional steps to be done using CLI will be necessary. 

It should be considered if the module can be completely removed and maybe replaced by a documentation in https://docs.software-univention.de/manual/5.0/de/domain-ldap/ssl.html
Comment 1 Philipp Hahn univentionstaff 2022-08-04 11:29:18 CEST 
If you change any setting a new root-CA-certificate will be created; all previous certificates thus become invalid and must be re-newed and re-deployed manually as described in <https://help.univention.com/t/renewing-the-ssl-certificates/37>.

Reverting such a mistake requires restoring the SSL certificates from backup.

As such is is a major usability problem if used by accident.

There is Bug #30294 for implementing automatic certificate renewal. Only then would the UMC module be useful again.
First Last Prev Next    This bug is not in your last search results.