Univention Bugzilla – Bug 55976
Dianostic module: 04_saml_certificate_check fails in keycloak environment
Last modified: 2024-03-07 13:07:27 CET
In our keycloak product test the umc diagnostic check 04_saml_certificate_check fails fails with Traceback (most recent call last): File "/usr/share/ucs-test/00_checks/81_diagnostic_checks.py", line 66, in test_run_diagnostic_checks assert plugin_data['success'], plugin_data['error_message'] AssertionError: ## Check failed: 04_saml_certificate_check - Überprüfung der SAML-Zertifikate fehlgeschlagen! ## Das SAML Identity Providers Zertifikat '/usr/share/univention-management-console/saml/idp/ucs-sso-ng.ucs.test.xml' fehlt in https://10.207.127.153/simplesamlphp/saml2/idp/certificate (https://10.207.127.153/simplesamlphp/saml2/idp/certificate). Führen Sie das Join-Skript <tt>92univention-management-console-web-server</tt> via {join} oder <tt>univention-run-join-scripts --force --run-scripts 92univention-management-console-web-server</tt> auf der Befehlszeile as Benutzer <i>root</i> aus. assert False Seems that the check is incompatible with the current keycloak app.
Added workaround utils/utils.sh::run_keycloak_tests (0bdc37b6c63c5859ca1b5ba74b302ecdbd73dad0) Please revert if bug is fixed.
Successful build Package: univention-management-console-module-diagnostic Version: 6.0.7-4 Branch: ucs_5.0-0 Scope: errata5.0-6 removed workaround in keycloak tests (1e555b3da838387acb2978439100c776a1585bbe)
OK: Diagnostic check works with Keycloak OK: Diagnostic check works with Keycloak different path / different FQDN OK: Jenkins OK: Workaround removed OK: YAML Verified
Successful build Package: univention-management-console-module-diagnostic Version: 6.0.7-5 Branch: ucs_5.0-0 Scope: errata5.0-6 added ucs-sso-ng as default for keycloak/fqdn
OK: Diagnostic check also works if Keycloak URLs are not configured. (And default is used) Verified
<https://errata.software-univention.de/#/?erratum=5.0x980>