Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Curl request with the certificate is not working for KRA #3277

Open
pki-bot opened this issue Oct 3, 2020 · 2 comments
Open

Curl request with the certificate is not working for KRA #3277

pki-bot opened this issue Oct 3, 2020 · 2 comments

Comments

@pki-bot
Copy link

pki-bot commented Oct 3, 2020

This issue was migrated from Pagure Issue #3160. Originally filed by cipherboy (@cipherboy) on 2020-03-16 12:47:41:

Description of problem:
Curl tool not able to create request with the certificate.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

  1. Create kraadmin user. add it to the 'Administrator' group.
  2. Add the certificate to the user.
  3. Get the certificate and convert it to pem file.
  4. curl -kv -L -E ./kraadmin.pem "https://pki1.example.com:21443/kra/server?RS_ID=serverCert&OP_TYPE=OP_READ&subjectName=&certType=serverCert&OP_SCOPE=subjectName"

Actual results:

# curl -kv -L -E ./kraadmin.pem "https://pki1.example.com:21443/kra/server?RS_ID=serverCert&OP_TYPE=OP_READ&subjectName=&certType=serverCert&OP_SCOPE=subjectName"
* About to connect() to pki1.example.com port 21443 (0)
*   Trying 10.19.34.103...
* Connected to pki1.example.com (10.19.34.103) port 21443 (0)
* Initializing NSS with certpath: sql:/opt/pki/certdb
* unable to load client key: -8178 (SEC_ERROR_BAD_KEY)
* NSS error -8178 (SEC_ERROR_BAD_KEY)
* Peer's public key is invalid.
* Closing connection 0
curl: (58) unable to load client key: -8178 (SEC_ERROR_BAD_KEY)
[root@auto-hv-01-guest01 ~]#

Expected results:
It should be successful.

Additional info:

export SSL_DIR=/opt/pki/certdb
@pki-bot
Copy link
Author

pki-bot commented Oct 3, 2020

Comment from cipherboy (@cipherboy) at 2020-03-16 12:48:29

https://bugzilla.redhat.com/show_bug.cgi?id=1549044

@pki-bot
Copy link
Author

pki-bot commented Oct 3, 2020

Comment from cipherboy (@cipherboy) at 2020-03-16 12:48:30

Metadata Update from @cipherboy:

  • Custom field component adjusted to None
  • Custom field feature adjusted to None
  • Custom field origin adjusted to None
  • Custom field proposedmilestone adjusted to None
  • Custom field proposedpriority adjusted to None
  • Custom field reviewer adjusted to None
  • Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1549044
  • Custom field type adjusted to None
  • Custom field version adjusted to None

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pki-bot