First Master computer added on installation has incorrect modules and wrong cert file names

Bug #399260 reported by Faraz Khan
Affects: Zivios Open Source Enterprise Management
Status: Fix Committed
Importance: High
Assigned to: Mustafa A. Hashmi

Bug Description

The installer needs to:

1. Add the following required modules to the master server:

CaComputer
KerberosComputer
OpenldapComputer
DebComputerPackage

and the corresponding emsservicemap entries.

2. The public certificate created has a .pem extension while the config reports .crt

Changed in zivios:
assignee: nobody → Mustafa A. Hashmi (mhashmi)
Mustafa A. Hashmi (mhashmi) wrote :

Regarding point 2: Which config file are we talking about here? app.config.ini? Agent configuration?

Faraz Khan (fkhan-zivios) wrote : Re: [Bug 399260] Re: First Master computer added on installation has incorrect modules and wrong cert file names

Mustafa A. Hashmi wrote:
> Regarding point 2: Which config file are we talking about here?
> app.config.ini? Agent configuration?
>

This line in CaComputer Plugin:

public function getPubKeyPath()
{
    return $this->_compConfig->pubcerts . '/' . $this->getProperty('cn') . '.crt';
}

public function getPrvKeyPath()
{
    return $this->_compConfig->prvkeys . '/' . $this->getProperty('cn') . '.key';
}

--
Faraz R Khan
Zivios::Open Source Enterprise Management
www.zivios.org

Mustafa A. Hashmi (mhashmi) wrote :

You are pointing me towards the function -- tell me how to duplicate the error you are receiving.

All certificates are generated with a .crt extension. If the primary server's certificate carries a .pem extension then that needs to be changed. It would be simpler to simply symlink here (as it offers an easy upgrade path for existing installations as well) and update the installer to write a .crt extension for the public certificate.

Also: in regards to point 1, I have added the CA and Package module / plugin & service map. I have also updated the core schemas to carry probed hardware details correctly. The DNS, Kerberos, NTP and OpenLDAP modules cannot be added as the server object falls into recursion when following defined service maps and loading computer objects (which in the case of the master system, is itself).

Mustafa A. Hashmi (mhashmi) wrote :

I have updated the installer to write a crt file for the primary CA's public cert. Updates have been made in all instances of the installer, as well as the CA module's service.ini file.

I have tested server add (where a certificate is generated and signed by the CA before being scped to the remote host), and all is working okay on my end.

After the commit takes place, you can simply:

mv /etc/ssl/certs/ZiviosCa.pem /etc/ssl/certs/ZiviosCa.crt

Let me know if this fixes your issue.

Mustafa A. Hashmi (mhashmi) wrote :

When adding support for CentOS, I noticed the c_rehash Perl script assumes certs will have .pem extensions. I am reverting the Zivios CA public key extension to be .pem. I will update the CA module's computer model accordingly.
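
The symlink upgrade path suggested earlier in the thread, combined with the later decision to keep .pem as the on-disk name for c_rehash, as an added shell example that is not part of the thread or of the Zivios code base. The function name `reconcile_ca_cert` and its return codes are assumptions; the sample certificate body is constructed.

```shell
# Added example: make .pem the real file (what c_rehash expects) and .crt a
# symlink to it. Function name and return codes are hypothetical.
reconcile_ca_cert() {
    dir=$1 base=$2
    pem="$dir/$base.pem"
    crt="$dir/$base.crt"

    # Only a regular .crt exists (post-"mv" state): rename it back to .pem.
    if [ -f "$crt" ] && [ ! -L "$crt" ] && [ ! -e "$pem" ]; then
        mv "$crt" "$pem" || return 1
    fi

    # The .pem must be a real file, not a link that could end up circular.
    if [ ! -f "$pem" ] || [ -L "$pem" ]; then
        echo "missing or not a regular file: $pem" >&2
        return 2
    fi

    # Refuse to publish a file that is not a PEM-encoded certificate.
    if ! grep -q -- '-----BEGIN CERTIFICATE-----' "$pem"; then
        echo "not a PEM certificate: $pem" >&2
        return 3
    fi

    # Both names are regular files: drop an identical copy, never a differing one.
    if [ -f "$crt" ] && [ ! -L "$crt" ]; then
        if cmp -s "$pem" "$crt"; then
            rm -f "$crt" || return 1
        else
            echo "conflict: $crt differs from $pem" >&2
            return 4
        fi
    fi

    # Relative link, replaced in place, so repeated runs are harmless.
    ln -sfn "$base.pem" "$crt"
}

# Demo on constructed data in a scratch directory (not a real CA certificate).
demo=$(mktemp -d)
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' \
    '-----END CERTIFICATE-----' > "$demo/ZiviosCa.crt"
reconcile_ca_cert "$demo" ZiviosCa && ls -l "$demo"
rm -rf "$demo"
```

On a real host the call would be `reconcile_ca_cert /etc/ssl/certs ZiviosCa`, run as a user allowed to write to that directory.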

Changed in zivios:
status: New → In Progress
importance: Undecided → High
Mustafa A. Hashmi (mhashmi) wrote :

Faraz, can I close this bug or are you still having issues?

Master Zivios servers for CentOS, Debian Lenny and Ubuntu Hardy are all working correctly for me (alongside module details and certificate information).

Faraz Khan (fkhan-zivios) wrote :

I think it's fine now!

Mustafa A. Hashmi wrote:
> Faraz, can I close this bug or are you still having issues?
>
> Master Zivios servers for CentOS, Debian Lenny and Ubuntu Hardy are all
> working correctly for me (alongside module details and certificate
> information).
>
>

Changed in zivios:
status: In Progress → Fix Committed