[Spacewalk-list] osad not working with Spacewalk proxy server
Jeremy Davis
jdavis4102 at gmail.com
Fri Feb 17 19:17:05 UTC 2012
Yes the CN needs to be that of the proxy server that is listed in
/etc/sysconfig/rhn/up2date file. This Cert should be at location
http://spacewalkproxy01.dc.company.com/pub/RHN-ORG-TRUSTED-SSL-CERT
On 02/17/2012 09:18 AM, Sean Carolan wrote:
> On Thu, Feb 16, 2012 at 6:47 PM, Jeremy Davis<jdavis4102 at gmail.com> wrote:
>> Yes, that is the correct cert. You also need to make sure you download that
>> cert to the client and change the /etc/sysconfig/rhn/osad.conf to point to
>> that downloaded cert from the proxy server.
> Ok, so here are the troubleshooting steps I've taken.
> * Stop the proxy services
> * Moved /var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT to
> RHN-ORG-TRUSTED-SSL-CERT.backup
> * Re-ran configure-proxy.sh using the following answers file (names
> changed to protect the innocent):
>
> VERSION="1.6"
> RHN_PARENT="spacewalk02.company.com"
> TRACEBACK_EMAIL="admins at company.com"
> USE_SSL="Y"
> CA_CHAIN="/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT"
> HTTP_PROXY=
> SSL_ORG="Some obscure gaming company"
> SSL_ORGUNIT="spacewalkproxy01.dc.company.com"
> SSL_COMMON="spacewalkproxy01.dc.company.com"
> SSL_CITY="Austin"
> SSL_STATE="Texas"
> SSL_COUNTRY="US"
> SSL_EMAIL="admins at company.com"
> INSTALL_MONITORING="n"
> POPULATE_CONFIG_CHANNEL="n"
>
> A brand-spanking new cert was created in /var/www/html/pub, but the OU
> and CN in the certificate are for RHN_PARENT, or
> spacewalk02.company.com which is the main app server. Should this be
> "spacewalkproxy01.dc.company.com" instead? My theory is that the ssl
> cert may be failing because it has the wrong name in it...
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
--
Thank you,
Jeremy Davis, GCIH
More information about the Spacewalk-list
mailing list