Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]: ome_application_certificate doesn't support uploading certificate chain #645

Open
MallocArray opened this issue Apr 24, 2024 · 1 comment
Open

[BUG]: ome_application_certificate doesn't support uploading certificate chain #645

MallocArray opened this issue Apr 24, 2024 · 1 comment
Labels
needs-triage Issue requires triage. type/bug Something isn't working
Projects
OpenManage Ansible Collection
Milestone
v9.5.0

Comments

@MallocArray
Copy link

Bug Description

When migrating from OME 3.10 to OME 4.x appliances, a requirement is that the full certificate chain is uploaded to the appliance instead of just the standard cert.
In the oem_appliacation_certificate module, even if the upload_file contains the full certificate chain, it is not imported as the full chain, and causes the migration to be blocked.

Another parameter should be added to import either the Certificate or Certificate Chain, with a default of Certificate
image

I lost about 3 hours of work generating and importing certs, only to find out that if I used the GUI to import the same certificate I was providing to the Ansible module and selected Certificate Chain, it worked as expected

Component or Module Name

ome_application_certificate

Ansible Version

2.16

Python Version

3.10

iDRAC/OME/OME-M version

OME 3.10.2 and OME 4.0.1

Operating System

N/A

Playbook Used

    - name: Upload the signed certificate
      dellemc.openmanage.ome_application_certificate:
        hostname: "{{ inventory_hostname }}"
        username: "{{ dell_ome_username }}"
        password: "{{ dell_ome_password }}"
        validate_certs: "{{ dell_validate_certs | default(omit) }}"
        ca_path: "{{ dell_ca_path | default(omit) }}"
        command: "upload"
        upload_file: "/tmp/{{ inventory_hostname }}.cer"
      delegate_to: localhost
      tags:
        - upload

Logs

N/A

Steps to Reproduce

Create a .cer file that contains the full certificate chain and use the ansible module to upload the certificate chain file

Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps

Expected Behavior

If a full chain is provided, it will be uplaoded as the full chain, or a parameter added to specify if the file being provided is a certificate or a certificate chain

Actual Behavior

Observe no errors and new cert is used in OME, but is not imported as the Certificate Chain, causing a validation error failure in the Migrate Out/In steps

Screenshots

image

Additional Information

No response
@MallocArray MallocArray added needs-triage Issue requires triage. type/bug Something isn't working labels Apr 24, 2024
@anupamaloke
Copy link
Contributor

@MallocArray, thanks for submitting this issue. This is on the backlog and we will be prioritizing it for future releases.

@anupamaloke anupamaloke added this to the v9.5.0 milestone May 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs-triage Issue requires triage. type/bug Something isn't working
Projects
OpenManage Ansible Collection
Awaiting triage
Milestone
v9.5.0
Development

No branches or pull requests
2 participants
@MallocArray @anupamaloke