[rhn-users] SSL Certificate for rhn.redhat.com - please be aware that older up2date/rhn clients need updating
Cliff Perry
cperry at redhat.com
Tue Aug 6 18:51:33 UTC 2013
On 11/07/13 11:04, Cliff Perry wrote:
> We have more official communications going out, but I know some people
> read this list, vs Red Hat mailings.
>
> The details are outlined very well within the following kbase:
>
> https://access.redhat.com/site/solutions/353033
>
> In short, the current SSL Certificate on rhn.redhat.com, and the
> associated CA Cert provided within RHEL for communication to RHN, will
> expire in August 2013. We have provided updated CA Cert within RHEL, via
> errata, for quite some time, and since GA for RHEL 6.
>
> If you have older (than listed Errata versions) of up2date or
> rhn-client-tools packages installed on RHEL 3, 4 or 5 systems, you will
> want to take action, or risk hitting SSL errors when trying to
> communicate with RHN.
>
> For customers of RHN, this can impact you.
>
> Those using RHEL 6 are not impacted.
>
> Those using subscription-manager are not impacted.
>
> For customers using Satellite:
> - the client systems registered to Satellite are not impacted
> - the connected Satellites, installed on RHEL 5, syncing content
> directly from RHN (satellite.rhn.redhat.com), this can impact you - as
> the CA Cert provided by the rhn-client-tools is also used by
> satellite-sync.
> - the connected Satellites, installed on RHEL 6 are not impacted.
> - any disconnected Satellites are not impacted.
>
> I recommend, if you have concerns or questions, please reference the
> kbase article linked and open a support ticket if needed.
>
> https://access.redhat.com/site/solutions/353033
>
> For an idea of time lines, the RHEL 5 fix was released 3 years ago:
> RHBA-2010:0270 - 2010-03-30 (March 30th 2010)
>
> Regards,
> Cliff
>
>
> _______________________________________________
> rhn-users mailing list
> rhn-users at redhat.com
> https://www.redhat.com/mailman/listinfo/rhn-users
Following up with a reminder, and forwarding a recent message sent to
the rhn outage list.
Regards,
Cliff
https://www.redhat.com/archives/rhn-outage-list/2013-August/msg00000.html
***// SCHEDULED MAINTENANCE REPORT //***
Date of CA Certificate Renewal: Monday, August 12, 2013
People/Groups Impacted: Customers using *.rhn.redhat.com sites
Sites Affected: rhn.redhat.com
The Red Hat Network (RHN Classic) SSL CA certificate is distributed with
products that connect to the Red Hat Network, such as Red Hat Enterprise
Linux, and is used to verify the product's secure connection to the service.
The CA certificate contained in older rhn client packages (prior to
erratas listed on https://access.redhat.com/site/solutions/353033)
expires in August 2013 and will result in connection failures after RHN
Classic renews the certificate on August 12th, 2013.
Please make sure your systems running Red Hat Enterprise Linux versions
5 or earlier [1] have updated rhn client packages which contain the new
CA certificate in order to continue to connect to RHN Classic after
August 12th, 2013 - refer to this solution
https://access.redhat.com/site/solutions/353033 for affected rhn client
packages/versions and for instructions on updating the packages.
If the CA certificate is not updated, your Red Hat Enterprise Linux
systems will no longer be able to securely connect to RHN Classic and
receive updates. Systems running Red Hat Enterprise Linux 6 or above,
and/or using Red Hat Subscription Management, are not impacted.
[1] This also includes Red Hat Satellite and Proxy servers in connected
mode, and client systems in RHEL client->Red Hat Proxy Server->RHN
Classic configurations.
If you have questions about this certificate change, please contact a
regional Customer Service representative:
https://access.redhat.com/customerservice
For technical assistance please contact:
https://access.redhat.com/support/contact/technicalSupport.html
More information about the rhn-users
mailing list