Hey,
we want a way to regenerate CRL file(s) that are created on the Candlepin side. I was under impression /crl does this, but unfortunately it only returns the list in JSON.
How to do that? If Candlepin does not have this feature, we need to request RFE.
Until then, I would like to document how to create at least empty Candlepin/Pulp compatible CRL list after recovery from backup. How to do this? Can I leverage OpenSSL tooling for this?
Thanks
On 06/22/2012 07:52 AM, Lukas Zapletal wrote:
Hey,
we want a way to regenerate CRL file(s) that are created on the Candlepin side. I was under impression /crl does this, but unfortunately it only returns the list in JSON.
How to do that? If Candlepin does not have this feature, we need to request RFE.
Until then, I would like to document how to create at least empty Candlepin/Pulp compatible CRL list after recovery from backup. How to do this? Can I leverage OpenSSL tooling for this?
Thanks
Today this is done by a pinsetter job. What is the use case you are trying to solve? I will be happy to put it on the backlog.
-- bk
On Fri, Jun 22, 2012 at 01:52:07PM +0200, Lukas Zapletal wrote:
Hey,
we want a way to regenerate CRL file(s) that are created on the Candlepin side. I was under impression /crl does this, but unfortunately it only returns the list in JSON.
How to do that? If Candlepin does not have this feature, we need to request RFE.
Yeah, please file an rfe. that /crl url should be working along with the pinsetter job that generates the crl, but it isn't.
Until then, I would like to document how to create at least empty Candlepin/Pulp compatible CRL list after recovery from backup. How to do this? Can I leverage OpenSSL tooling for this?
You should be able to do something like: openssl ca -gencrl -keyfile <candlepin key file> -cert <matching cert file> \ -out emptycrl.pem -crldays 90
Thanks
-- Later,
Lukas "lzap" Zapletal #katello #systemengine _______________________________________________ candlepin mailing list candlepin@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/candlepin
-James
On 06/22/2012 08:20 AM, James Bowes wrote:
On Fri, Jun 22, 2012 at 01:52:07PM +0200, Lukas Zapletal wrote:
Hey,
we want a way to regenerate CRL file(s) that are created on the Candlepin side. I was under impression /crl does this, but unfortunately it only returns the list in JSON.
How to do that? If Candlepin does not have this feature, we need to request RFE.
added to the backlog:
[CP] As a katello user, i would like a command to regenerate the crl on disk [CP] As a katello user, i would like a command to delete the crl on disk
-- bk
Actually we have implemented the first already:
https://bugzilla.redhat.com/show_bug.cgi?id=821644
Unfortunately we are using /crl there and it seemed Candlepin regenerates the CRL file (from the log files), but it does not in reality.
LZ
On Fri, Jun 22, 2012 at 08:30:02AM -0400, Bryan Kearney wrote:
On 06/22/2012 08:20 AM, James Bowes wrote:
On Fri, Jun 22, 2012 at 01:52:07PM +0200, Lukas Zapletal wrote:
Hey,
we want a way to regenerate CRL file(s) that are created on the Candlepin side. I was under impression /crl does this, but unfortunately it only returns the list in JSON.
How to do that? If Candlepin does not have this feature, we need to request RFE.
added to the backlog:
[CP] As a katello user, i would like a command to regenerate the crl on disk [CP] As a katello user, i would like a command to delete the crl on disk
-- bk _______________________________________________ candlepin mailing list candlepin@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/candlepin
candlepin@lists.stg.fedorahosted.org