[Spacewalk-list] Spacewalk Proxy 1.6 and non-self signed certificates
Jan Pazdziora
jpazdziora at redhat.com
Tue Jan 10 15:33:54 UTC 2012
On Tue, Jan 03, 2012 at 09:31:16AM -0500, Scott Worthington wrote:
> > Looking at the configure-proxy.sh code, the you just use the
> > --force-own-ca to create CA and certificate from scratch, and then you
> > replace the CA chain, certificate and its key with your own. In other
> > words, it's a workaround to get you through the configuration, not a
> > proper support for external CA.
> >
> > --
> > Jan Pazdziora
> > Principal Software Engineer, Satellite Engineering, Red Hat
>
> Hello,
>
> I believe to have everything configured and installed properly with regards
> to my external cert and activating the Spacewalk Proxy 1.6.
>
> The output from the /usr/bin/rhn-proxy-activate:
> API version: 1.6
> RHN Proxy scuccessfully activated.
>
> However, when I use the Spacwalk web GUI and do the following:
> Click on Systems --> Click on the Spacewalk Proxy server name 'spacewalk-proxy'
> --> then under 'Details' click on the 'Proxy' link. The next page says:
[...]
> I looked in /var/log/tomcat6/catalina.out on the Spacewalk Server
> expecting an error
> message, but there is none.
The error is
[error] acl fail: user_role(org_admin); system_feature(ftr_proxy_capable); org_channel_family(rhn-proxy); child_channel_candidate(rhn-proxy) at /usr/lib/perl5/vendor_perl/5.8.8/PXT/ApacheAuth.pm line 141.
in /var/log/httpd/error_log.
Mirek, can you investigate?
> Since the Spacewalk Proxy successfully activated to Spacewalk, I
> assumed all was go.
Yes, your Proxy should be good to go, you just won't be able to see it
on the WebUI.
> Any idea where else I should look to find out why I am getting a
> permission error?
It's a .pxt page, so under /var/log/httpd.
--
Jan Pazdziora
Principal Software Engineer, Satellite Engineering, Red Hat
More information about the Spacewalk-list
mailing list