[Pulp-list] pulp and puppet certificates
Cristian Falcas
cristi.falcas at gmail.com
Fri Sep 12 16:23:03 UTC 2014
Hello,
I'm trying to set puppet certificates to be used by foreman, but I can't
manage to amke it work.
Actually only one of the commands doesn't work:
pulp-admin consumer unregister --consumer-id my-consumer1
An error occurred attempting to contact the server. More information can be
found in the client log file ~/.pulp/admin.log.
tail ~/.pulp/admin.log
self.context.server.consumer.unregister(consumer_id)
File "/usr/lib/python2.7/site-packages/pulp/bindings/consumer.py", line
55, in unregister
return self.server.DELETE(path)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 90,
in DELETE
return self._request('DELETE', path, body=body)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line
143, in _request
response_code, response_body = self.server_wrapper.request(method, url,
body)
File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line
326, in request
raise exceptions.ConnectionException(None, str(err), None)
ConnectionException: (None, 'sslv3 alert bad certificate', None)
This is the default certificate made by pulp: ca.crt
Certificate:
Data:
Version: 1 (0x0)
Serial Number: 13145249922930536020 (0xb66d4f288c016e54)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=machine.optymyze.net, O=PULP
Validity
Not Before: Sep 11 17:23:23 2014 GMT
Not After : Dec 15 17:23:23 2033 GMT
Subject: CN=machine.optymyze.net, O=PULP
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
Exponent: 65537 (0x10001)
Signature Algorithm: sha1WithRSAEncryption
This one is from puppet: pp_ca_cert.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 564 (0x234)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Puppet CA: puppet.company.net
Validity
Not Before: Sep 1 10:19:31 2014 GMT
Not After : Sep 1 10:19:31 2019 GMT
Subject: CN=machine.optymyze.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:25:E9:C0:EE:23:91:26:AD:16:8F:85:B5:C2:85:B7:66:B7:24
Netscape Comment:
Puppet Ruby/OpenSSL Internal Certificate
X509v3 Extended Key Usage: critical
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Authority Key Identifier:
keyid:24:63:CC:70:4B:17:C7:FC:DB:82:65:66:E3:E4:6A:39:91:79:36:F3
Signature Algorithm: sha256WithRSAEncryption
Is there a problem with the version of certificates made by puppet? Is pulp
requiring only v1?
Best regards,
Cristian Falcas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20140912/0df7e5a4/attachment.htm>
More information about the Pulp-list
mailing list