<html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css" style="display:none;"></style></head><body dir="ltr">Hi Daryl,<br> <br> so you have a wildcard cert, yes?<br> <br> The files on Dev/prod are identical?<br> <br> Are you using intermediate certs?<br> <br> You day, osa-dispatcher is complaining... did you copy the RHN-TRUSTED.... file to /var/www/html /pub ?<br> <br> Regards,<br> Robert<br> <br><br><div class="gmail_quote">Am 21. September 2015 17:44:48 MESZ, schrieb Daryl Rose <darylrose@outlook.com>:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <div id="divtagdefaultwrapper" style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif"> <p>As I reported before, I decided to move my SW environment forward, and put up a production SW server. The signed certificate works fine in my dev/test demonstration environment, but I just can't get it working in the production environment.</p> <p><br /> </p> <p>My last email, I was able to get the cert to work just fine with the RHEL servers, but it kept failing with the SLES servers. I finally decided to rebuild the entire SW server. Fresh install of RHEL, fresh install of SW. </p> <p><br /> </p> <p>I followed the steps exact, and did everything exactly the same way that I did on my dev/demo server. But something is different.</p> <p><br /> </p> <p>When I try to start spacewalk, I get an error from the osa-dispatcher complaining that about a certificate name mismatch:</p> <p><br /> </p> <p><br /> </p> <p></p> <div>Starting osa-dispatcher: Spacewalk 20830 2015/09/21 10:35:28 -05:00: ('Traceback caught:',)</div> <div>Spacewalk 20830 2015/09/21 10:35:28 -05:00: ('Traceback (most recent call last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 632, in connect\n self.verify_peer(ssl)\n File "/usr/share/rhn/osad/jabber_lib.py", line 713, in verify_peer\n (self._host, common_name))\nSSLVerifyError: Mismatch: peer name: <SERVER NAME>; common name: *.<DOMAIN.NAME> .\n',)</div> <div><br /> </div> <div><br /> </div> <div>I've verified everything against the dev/demo machine and all of the certificate information in ssl-build matches exactly. e.g. server.key, server.crt, server.csr, server.pem and RHN-ORG-TRUSTED-SSL-CERT.</div> <div><br /> </div> <div>I've recreated this certificate multiple times. The only thing that I can think of, is there must be a cert, or file somewhere that did not get updated.</div> <div><br /> </div> <div>Any suggestions?</div> <div><br /> </div> <div>Thank you.</div> <div><br /> </div> <div>Daryl </div> <br /> <p></p> </div> <p style="margin-top: 2.5em; margin-bottom: 1em; border-bottom: 1px solid #000"></p><pre class="k9mail"><hr /><br />Spacewalk-list mailing list<br />Spacewalk-list@redhat.com<br /><a href="https://www.redhat.com/mailman/listinfo/spacewalk-list">https://www.redhat.com/mailman/listinfo/spacewalk-list</a></pre></blockquote></div><br> -- <br> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.</body></html>