[rhn-users] RHN Proxy install

Todd Warner taw at redhat.com
Thu Mar 10 23:24:39 UTC 2005 

On Thu, 10 Mar 2005, Todd Warner wrote:

> On Thu, 10 Mar 2005, MJang wrote:
>
>> Folks,
>> 
>> I'd appreciate a bit of troubleshooting help here.
>> 
>> Still working on getting RHN Proxy Server 3.6 going. I think I have
>> everything configured to the Proxy Server and Client config guides as
>> documented at http://www.redhat.com/docs/manuals/RHNetwork/
>> 
>> I have RHN Proxy Server 3.6 installed on a RHEL 3 AS computer, have
>> verified that squid, httpd, and jabberd router are active with the
>> following command
>> 
>> service rhn-proxy status
>> 
>> I've created and dist the SSL keys, PRIVATE to the local proxy
>> computer's /usr/share/rhn, TRUSTED to one client's RHEL 3
>> WS's /usr/share/rhn
>> 
>> When I try to connect from the RHEL 3 WS command line with up2date, I
>> get the following message (acutal URL deleted):
>> 
>> https://xxx.xxx.xxx/XMLRPC
>> https://xxx.xxx.xxx/XMLRPC
>> https://xxx.xxx.xxx/XMLRPC
>> https://xxx.xxx.xxx/XMLRPC
>> https://xxx.xxx.xxx/XMLRPC
>> Error communicating with server. The message was:
>> Connection refused
>> 
>> I've disabled all firewalls, I can connect via browser directly to
>> 
>> https://xxx.xxx.xxx,
>> 
>> and I get the "Red Hat Network Proxy" logo.
>> 
>> Troubleshooting suggestions would be appreciated.
>> 
>> Thanks,
>> Mike
>
> Is this connected to a RHN hosted or a satellite?

OK. I am coming late to this party sorry. I just noticed the long string
of discussion. I see Cliff has been involved. :)

The PRIVATE key goes nowhere and is irrelevent until you generate more
SSL key sets.

"Connection refused" tells me the client can't talk to the RHN Proxy.
You may want to ensure that client is communicating to the RHN Proxy
Server and not our hosted environment. Check /etc/sysconfig/rhn/up2date
and, if this client is an RHEL 2.1 box, check
/etc/sysconfig/rhn/rhn_register as well. The connecting server URLs must
be pointing to the RHN Proxy and the CA SSL public certificate (the
TRUSTED cert) setting needs to be set to the appropriate file location.

Also... when testing up2date against an RHN Proxy, tail -f these two
files:
tail -f /var/log/rhn/rhn_proxy_broker.log
tail -f /var/log/rhn/rhn_proxy_redirect.log

On the way in, the HTTP request will cause the rhn_proxy_broker.log
to roll with output, and on the way out (the request is on it's way to
Red Hat or your satellite if applicable), rhn_proxy_redirect.log will
begin to roll with output.

You may also consider tailing:
tail -f /var/log/httpd/error_log
and
tail -f /var/log/squid/access.log

-- 
____________
  /odd Warner                                    <taw@{redhat,pobox}.com>
       Geek Herder - QA/Sust-Eng/Rel-Eng/Docs/Ops - Red Hat Network
---------------------gpg info in the message headers--------------------
"Dissent is the highest form of patriotism." -Pres. Thomas Jefferson

More information about the rhn-users mailing list