[Spacewalk-list] how to use real certificate with spacewalk
Glen Collins
glenc2004 at comcast.net
Wed Nov 26 17:25:55 UTC 2014
Hi Yang,
Look at this:
http://www.marsdominion.com/2013/02/01/configuring-a-rhn-satellite-server-with-a-third-party-cert/
Here is the wiki on changing the name of the server. Give ideas where files that need to be changed:
https://fedorahosted.org/spacewalk/wiki/How_to_rename_or_change_a_satellite_hostnam
Also what I found is you need to rebuild the rpms found under /root/ssl-build so the new certs are used. Remove the old rpm's and use the new ones. Also jabber and osa-dispatcher will be unhappy too!
Anyway, hope this helps!
Regards,
Glen Collins
----- Original Message -----
I am trying to use real certificate with spacewalk server. I have changed /etc/httpd/conf.d/ssl.conf with following:
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/private/server.key
SSLCertificateChainFile /etc/pki/tls/certs/server_interm.crt
I restarted spacewalk-service
# spacewalk-service restart
My spacewalk web GUI seems work fine, but I think I may have missed something else since all my client will get the SSL certificate failed verification error.
# yum check-update
Loaded plugins: product-id, rhnplugin, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
The SSL certificate failed verification.
Is there a instruction what else I should do to get everything changed?
Thanks,
Yang
_______________________________________________
Spacewalk-list mailing list
Spacewalk-list at redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-list
More information about the Spacewalk-list
mailing list