[Spacewalk-list] osad woes ...

Thu Oct 1 15:11:27 UTC 2009

Greg,

You were completely right. It was a short vs fqdn hostname problem.
Osad works like a charm now :)

Thanks for your suggestion !

Regards,

Taco

-----Original Message-----
From: spacewalk-list-bounces at redhat.com
[mailto:spacewalk-list-bounces at redhat.com] On Behalf Of Wojtak, Greg
Sent: 01 October 2009 15:55
To: spacewalk-list at redhat.com
Subject: RE: [Spacewalk-list] osad woes ...

I recently figured this out, had the same problems, and it was indeed an
issue with hostnames.  I ended up running:

openssl x509 -text -noout <RHN-ORG-TRUSTED-SSL-CERT

and found that the cert was signed with the FQDN, while the xml configs
for jabberd (c2s.xml, router.xml, and s2s.xml) all had  either localhost
or the short name.  After changing those to the FQDN, it worked.

Greg Wojtak

-----Original Message-----
From: spacewalk-list-bounces at redhat.com
[mailto:spacewalk-list-bounces at redhat.com] On Behalf Of John Hodrien
Sent: Thursday, October 01, 2009 9:18 AM
To: spacewalk-list at redhat.com
Subject: Re: [Spacewalk-list] osad woes ...

On Thu, 1 Oct 2009, Taco Scargo wrote:

> Hi all,
>
> As I was pulling my hair out getting osad/jabber working on my
spacewalk
> installation, I decided to just reinstall my whole spacewalk server
from
> scratch.
> Did so, and still get the infamous "Server did not return a <features
/>
> stanza" error.
>
> Running on CentOS 5 x86_64, with the following rpm versions:
> jabberd-2.2.8-2.el5
> osa-dispatcher-5.9.21-1.el5
>
> On my client side (also CentOS 5 x86_64):
> osad-5.2.0-1.el5
>
> Followed all the steps as documented in the wiki.
>
> While debugging I get this output (xxx01 is my spacewalk server):
>
> [root at xxx02 rhn]# /usr/sbin/osad -v -v -v --jabber-server=xxx01
> 2009-10-01 14:48:59 osad._setup_config: Updating configuration
> 2009-10-01 14:49:00 osad._setup_config: Time drift 0
> 2009-10-01 14:49:00 osad._setup_config: Client name f50a5cada30b46ad
> 2009-10-01 14:49:00 osad._setup_config: Shared key
> 28eb9a5973832c582a6927877b6f4b11823308ad
> 2009-10-01 14:49:00 jabber_lib.setup_connection: Connecting to xxx01
> 2009-10-01 14:49:00 jabber_lib._get_jabber_client:
> 2009-10-01 14:49:00 jabber_lib._get_jabber_client: Connecting to xxx01
> 2009-10-01 14:49:00 jabber_lib.__init__:
> 2009-10-01 14:49:00 jabber_lib.__init__:
> 2009-10-01 14:49:00 jabber_lib.connect:
> 2009-10-01 14:49:00 jabber_lib.process: 300
> Server did not return a <features /> stanza
> 2009-10-01 14:49:00 jabber_lib.print_message: SSLError
> 2009-10-01 14:49:00 jabber_lib.print_message: Could not connect to
> jabber server xxx01
> 2009-10-01 14:49:00 jabber_lib.setup_connection: Could not connect to
> any jabber server
> 2009-10-01 14:49:00 jabber_lib.push_to_background: Pushing process
into
> background
>
>
> The only thing that I can think of (looking at the generated RHN-ORG
> certificate) is that something chokes on the fact that the certificate
> is generated for the hostname instead of the fqdn.
>
> I just don't know enough about how strict jabber is on checking the ip
> against fqdn and against the certificate.
>
> Help is appreciated !

Most of these stanza problems with jabber seem to trace back to the
hostname
jabber thinks it's using, the one in the certificate, and the on the
clients
and the server think the jabber server is on differ.

Make them all the same and it works just dandy.  I'd sort the
certificate out
so that everything refers to fqdn.

jh

This e-mail message contains information which is confidential and may be privileged. It is intended for use by the addressee only. If you are not the intended addressee, we request that you notify the sender immediately and delete or destroy this e-mail message and any attachment(s), without copying, saving, forwarding, disclosing or using its contents in any other way. TomTom N.V., TomTom International BV or any other company belonging to the TomTom group of companies will not be liable for damage relating to the communication by e-mail of data, documents or any other information.