[Spacewalk-list] Using signed certs with a proxy server
Daryl Rose
darylrose at outlook.com
Mon May 2 12:52:18 UTC 2016
I am working on standing up a proxy server. I am using signed certs from a certificate authority on the primary SW server and that now seems to be sticking point with the proxy.
During the proxy setup process, I am prompted to copy the RHN-ORG-PRIVATE-SSL-KEY, RHN-ORG-TRUSTED-SSL-CERT and rhn-ca-openssl.cnf from the SW server to the proxy. However, I did not have a rhn-ca-openssl.cnf file so I had to create it using the rhn-ssl-tool command. I am under the impression that this creates a self signed cert to be used during the client registration process. However, when I look in /var/www/html/pub/ I see the same cert that is on my primary SW server.
I tried to register a client to the proxy but it failed. After reviewing the up2date log, I see the following error:
<snip>
.
.
<class 'up2date_client.up2dateErrors.SSLCertificateVerifyFailedError'>:
</snip>
I'm guessing this is because of the signed cert. Any suggestions on what to do and how to proceed?
Thank you.
Daryl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20160502/05d37f1e/attachment.htm>
More information about the Spacewalk-list
mailing list