Server 5.0.4 deleted existing RSA private key and certificate from Keychain.
| Originator: | pepi.zawodsky | ||
| Number: | rdar://22800287 | Date Originated: | 22-Sep-2015 04:24 PM |
| Status: | Open | Resolved: | |
| Product: | OS X Server | Product Version: | 5.0.4 |
| Classification: | Crash/Hang/Data Loss | Reproducible: | I Didn't Try |
Summary: Server 5.0.4 deleted existing RSA private key and certificate from Keychain. Steps to Reproduce: Have a self generated private key pair and valid CA signed certificate for your server's FQDN in keychain and in use. This was a working setup in 5.0.3. Update to 5.0.4. Expected Results: Server should keep using your keys and cert. Actual Results: Server replaced my existing cert with a self-signed one and deleted my existing private key and certificate. Regression: This did not happen with 4.1.5 to 5.03 from what I can tell. Notes: This is effectively a denial of service and loss of private keys. If one doesn't have a backup of the keys, this is a loss of digital identity. It's absolutely unacceptable that private keys get deleted without any warning by Server.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!