[Spacewalk-list] osad woes ...

Wojtak, Greg GregWojtak at quickenloans.com
Thu Oct 1 13:54:40 UTC 2009 

I recently figured this out, had the same problems, and it was indeed an issue with hostnames.  I ended up running:

openssl x509 -text -noout <RHN-ORG-TRUSTED-SSL-CERT

and found that the cert was signed with the FQDN, while the xml configs for jabberd (c2s.xml, router.xml, and s2s.xml) all had  either localhost or the short name.  After changing those to the FQDN, it worked.

Greg Wojtak

-----Original Message-----
From: spacewalk-list-bounces at redhat.com [mailto:spacewalk-list-bounces at redhat.com] On Behalf Of John Hodrien
Sent: Thursday, October 01, 2009 9:18 AM
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] osad woes ...

On Thu, 1 Oct 2009, Taco Scargo wrote:

> Hi all,
>
> As I was pulling my hair out getting osad/jabber working on my spacewalk
> installation, I decided to just reinstall my whole spacewalk server from
> scratch.
> Did so, and still get the infamous "Server did not return a <features />
> stanza" error.
>
> Running on CentOS 5 x86_64, with the following rpm versions:
> jabberd-2.2.8-2.el5
> osa-dispatcher-5.9.21-1.el5
>
> On my client side (also CentOS 5 x86_64):
> osad-5.2.0-1.el5
>
> Followed all the steps as documented in the wiki.
>
> While debugging I get this output (xxx01 is my spacewalk server):
>
> [root at xxx02 rhn]# /usr/sbin/osad -v -v -v --jabber-server=xxx01
> 2009-10-01 14:48:59 osad._setup_config: Updating configuration
> 2009-10-01 14:49:00 osad._setup_config: Time drift 0
> 2009-10-01 14:49:00 osad._setup_config: Client name f50a5cada30b46ad
> 2009-10-01 14:49:00 osad._setup_config: Shared key
> 28eb9a5973832c582a6927877b6f4b11823308ad
> 2009-10-01 14:49:00 jabber_lib.setup_connection: Connecting to xxx01
> 2009-10-01 14:49:00 jabber_lib._get_jabber_client:
> 2009-10-01 14:49:00 jabber_lib._get_jabber_client: Connecting to xxx01
> 2009-10-01 14:49:00 jabber_lib.__init__:
> 2009-10-01 14:49:00 jabber_lib.__init__:
> 2009-10-01 14:49:00 jabber_lib.connect:
> 2009-10-01 14:49:00 jabber_lib.process: 300
> Server did not return a <features /> stanza
> 2009-10-01 14:49:00 jabber_lib.print_message: SSLError
> 2009-10-01 14:49:00 jabber_lib.print_message: Could not connect to
> jabber server xxx01
> 2009-10-01 14:49:00 jabber_lib.setup_connection: Could not connect to
> any jabber server
> 2009-10-01 14:49:00 jabber_lib.push_to_background: Pushing process into
> background
>
>
> The only thing that I can think of (looking at the generated RHN-ORG
> certificate) is that something chokes on the fact that the certificate
> is generated for the hostname instead of the fqdn.
>
> I just don't know enough about how strict jabber is on checking the ip
> against fqdn and against the certificate.
>
> Help is appreciated !

Most of these stanza problems with jabber seem to trace back to the hostname
jabber thinks it's using, the one in the certificate, and the on the clients
and the server think the jabber server is on differ.

Make them all the same and it works just dandy.  I'd sort the certificate out
so that everything refers to fqdn.

jh

_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list

More information about the Spacewalk-list mailing list