Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

1.13. certmonger

1.13.1. RHBA-2011:1002: certmonger bug fix and enhancement update

An updated certmonger package that fixes multiple bugs and adds several enhancements is now available for Red Hat Enterprise Linux 5.
The certmonger package contains a service which is primarily concerned with getting your system enrolled with a certificate authority (CA) and keeping it enrolled.
The certmonger package has been upgraded to upstream version 0.42, which provides a number of bug fixes and enhancements over the previous version. (BZ#688610)
Additionally, this update fixes the following bugs:
* Previously, when issuing a request for a certificate to an IPA server, if the IPA server returned an error, the ipa-submit helper process terminated unexpectedly while attempting to parse the error in order to report it. The bug has been fixed in this update, and the error is now recorded properly. (BZ#690892)
* Previously, if certmonger did not track any certificates, the output of the "ipa-getcert list" command was empty. This undesired behavior has been fixed so that after running the command, the number of the certificates tracked is now displayed as well as any certificate entries, if they exist. (BZ#681642)
* Previously, when the service attempted to save a certificate to a certificate database, if there was already a certificate in the database with the desired nickname assigned to it but which had a different value in its "subject name" field, the attempt to save the new certificate to the database failed. This bug has been fixed in this update so that any certificates that are already in the certificate database which have the desired nickname are now cleared out before attempting to store a new certificate, and storing the new certificate no longer fails. (BZ#695717)
* Previously, when a non-root user ran the "ipa-getcert" command, an unclear and ambiguous error message about insufficient user rights to run the command was displayed. This update improves the error message text so that it is now clear and straightforward. (BZ#681641)
* Previously, building the certmonger package failed due to a problem with self-tests. This problem has been resolved and does not occur anymore. (BZ#670322)
All users requiring certmonger should upgrade to this updated package, which fixes these bugs and adds several enhancements.