[Spacewalk-list] Cannot retrieve repository metadata (repomd.xml) - HTTP 400 if using SSL

Sascha Frey sf at TechFak.NET
Fri Jun 24 14:37:22 UTC 2011 

Hi,

we just set up a spacewalk server and got our first client kickstarted.

The client cannot access any channel on the spacewalk server.
'yum update' returns 'Error: Cannot retrieve repository metadata
(repomd.xml) for repository: sl-x86_64-6. Please verfiy its path and try
again'.

It does work if I disable SSL on the client by adding
'noSSLServerURL=http://my-spacewalk-server.domain.tld/XMLRPC' to
/etc/sysconfig/rhn/up2date and changing useNoSSLForPackages to 1.

The CA cert path is set to its original at
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

This certificate seems to be correct. 'openssl s_client' can verfiy the
certificate sent by the spacewalk server with that CA cert.
Modifying the CA cert (make it incorrect) results in a clear error
message '...failed validation'.

We are runnging Spacewalk 1.4 on a Scientific Linux 6 server.
The client is SL6, too.

client# rpm -qa | grep rhn
rhnsd-4.9.9-1.el6.x86_64
rhn-client-tools-1.4.16-1.el6.noarch
rhn-check-1.4.16-1.el6.noarch
rhn-setup-1.4.16-1.el6.noarch
rhnlib-2.5.39-1.el6.noarch
yum-rhn-plugin-1.4.15-1.el6.noarch


The HTTPd logs on the server show a bad request (400):
129.70.137.XX - - [24/Jun/2011:15:57:50 +0200] "POST /XMLRPC HTTP/1.1" 200 1544
129.70.137.XX - - [24/Jun/2011:15:57:50 +0200] "GET /XMLRPC/GET-REQ/sl-x86_64-6/repodata/repomd.xml HTTP/1.1" 400 309

With having SSL disabled on the client everything seems to work:
129.70.137.XX - - [24/Jun/2011:15:59:44 +0200] "GET /XMLRPC/GET-REQ/sl-x86_64-6/repodata/repomd.xml HTTP/1.1" 200 1033 "-" "rhn.rpclib.py/$Revision$"
129.70.137.XX - - [24/Jun/2011:15:59:44 +0200] "GET /XMLRPC/GET-REQ/sl-x86_64-6/repodata/primary.xml.gz HTTP/1.1" 200 1989492 "-" "rhn.rpclib.py/$Revision$"


/var/log/up2date on the client:
[Fri Jun 24 15:55:56 2011] up2date updateLoginInfo() login info
[Fri Jun 24 15:55:56 2011] up2date logging into up2date server
[Fri Jun 24 15:55:56 2011] up2date successfully retrieved authentication token from up2date server
[Fri Jun 24 15:55:56 2011] up2date updateLoginInfo() login info
[Fri Jun 24 15:55:56 2011] up2date logging into up2date server
[Fri Jun 24 15:55:56 2011] up2date successfully retrieved authentication token from up2date server
[Fri Jun 24 15:55:56 2011] up2date updateLoginInfo() login info
[Fri Jun 24 15:55:56 2011] up2date logging into up2date server
[Fri Jun 24 15:55:56 2011] up2date successfully retrieved authentication token from up2date server
[Fri Jun 24 15:55:56 2011] up2date 
Traceback (most recent call last):
  File "/usr/sbin/rhn_check", line 333, in __run_action
    (status, message, data) = CheckCli.__do_call(method, params, kwargs)
  File "/usr/sbin/rhn_check", line 325, in __do_call
    method = getMethod.getMethod(method, "/usr/share/rhn/", "actions")
  File "/usr/share/rhn/up2date_client/getMethod.py", line 78, in getMethod
    actions = __import__(modulename)
  File "/usr/share/rhn/actions/packages.py", line 268, in <module>
    yum_base = YumAction()
  File "/usr/share/rhn/actions/packages.py", line 63, in __init__
    self.doTsSetup()
  File "/usr/lib/python2.6/site-packages/yum/depsolve.py", line 84, in doTsSetup
    return self._getTs()
  File "/usr/lib/python2.6/site-packages/yum/depsolve.py", line 99, in _getTs
    self._getTsInfo(remove_only)
  File "/usr/lib/python2.6/site-packages/yum/depsolve.py", line 110, in _getTsInfo
    pkgSack = self.pkgSack
  File "/usr/lib/python2.6/site-packages/yum/__init__.py", line 774, in <lambda>
    pkgSack = property(fget=lambda self: self._getSacks(),
  File "/usr/lib/python2.6/site-packages/yum/__init__.py", line 564, in _getSacks
    self.repos.populateSack(which=repos)
  File "/usr/lib/python2.6/site-packages/yum/repos.py", line 279, in populateSack
    sack.populate(repo, mdtype, callback, cacheonly)
  File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 164, in populate
    if self._check_db_version(repo, mydbtype):
  File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 223, in _check_db_version
    return repo._check_db_version(mdtype)
  File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1227, in _check_db_version
    repoXML = self.repoXML
  File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1417, in <lambda>
    repoXML = property(fget=lambda self: self._getRepoXML(),
  File "/usr/share/yum-plugins/rhnplugin.py", line 505, in _getRepoXML
    return YumRepository._getRepoXML(self)
  File "/usr/lib/python2.6/site-packages/yum/yumRepo.py", line 1413, in _getRepoXML
    raise Errors.RepoError, msg
<class 'yum.Errors.RepoError'>: Cannot retrieve repository metadata (repomd.xml) for repository: sl-x86_64-6. Please verify its path and try again


Any ideas what might gone wrong?




Regards
Sascha

More information about the Spacewalk-list mailing list