[Spacewalk-list] osa-dispatcher fails to start with null ssl error
Adams, Nick
adamsn at stifel.com
Fri Dec 22 14:59:10 UTC 2017
All,
I have ran into what I hope is a simple misconfiguration during setup. I am unable to start the osa-dispatcher service:
[root at SNCFGSPWD01S ~]# spacewalk-service restart
Shutting down spacewalk services...
Redirecting to /bin/systemctl stop taskomatic.service
Stopping cobblerd (via systemctl): [ OK ]
Redirecting to /bin/systemctl stop rhn-search.service
Redirecting to /bin/systemctl stop osa-dispatcher.service
Redirecting to /bin/systemctl stop httpd.service
Redirecting to /bin/systemctl stop tomcat.service
Redirecting to /bin/systemctl stop jabberd.service
Done.
Starting spacewalk services...
Redirecting to /bin/systemctl start jabberd.service
Redirecting to /bin/systemctl start tomcat.service
Waiting for tomcat to be ready ...
Redirecting to /bin/systemctl start httpd.service
Redirecting to /bin/systemctl start osa-dispatcher.service
Job for osa-dispatcher.service failed because the control process exited with error code. See "systemctl status osa-dispatcher.service" and "journalctl -xe" for details.
Redirecting to /bin/systemctl start rhn-search.service
Starting cobblerd (via systemctl): [ OK ]
Redirecting to /bin/systemctl start taskomatic.service
Done.
When reviewing the osa-dispatcher log:
2017/12/21 13:30:36 -05:00 3040 0.0.0.0: osad/jabber_lib.__init__
2017/12/21 13:30:36 -05:00 3040 0.0.0.0: osad/jabber_lib.connect('Server did not return a <features /> stanza, reconnecting',)
2017/12/21 13:30:37 -05:00 3040 0.0.0.0: osad/jabber_lib.connect('Server did not return a <features /> stanza, reconnecting',)
2017/12/21 13:30:38 -05:00 3040 0.0.0.0: osad/jabber_lib.connect('Server did not return a <features /> stanza, reconnecting',)
2017/12/21 13:30:39 -05:00 3040 0.0.0.0: osad/jabber_lib.connect('ERROR', 'Not able to reconnect - See https://access.redhat.com/solutions/45332 for possible solutions.\n')
2017/12/21 13:30:39 -05:00 3040 0.0.0.0: osad/jabber_lib.print_message('SSLError',)
2017/12/21 13:30:39 -05:00 3040 0.0.0.0: osad/jabber_lib.print_message('Could not connect to jabber server', 'SNCFGSPWD01S')
2017/12/21 13:30:39 -05:00 3040 0.0.0.0: osad/jabber_lib.main('ERROR', 'Error caught:')
Some Jabber specific configs:
[root at SNCFGSPWD01S ~]# grep $(hostname) /etc/jabberd/*xml
/etc/jabberd/c2s.xml: <id require-starttls="false" pemfile="/etc/pki/spacewalk/jabberd/server.pem" realm="" register-enable="true">SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
/etc/jabberd/sm.xml: <id>SNCFGSPWD01S</id>
Seeing as this is an SSL error, makes sense to include these:
[root at SNCFGSPWD01S ~]# grep CN= $(grep spacewalk.crt /etc/httpd/conf.d/ssl.conf | cut -f 2 -d' ') | grep Subject
Subject: C=US, ST=MO, O=Stifel, OU=SNCFGSPWD01S, CN=SNCFGSPWD01S/emailAddress=adamsn at stifel.com<mailto:CN=SNCFGSPWD01S/emailAddress=adamsn at stifel.com>
[root at SNCFGSPWD01S ~]# grep CN= /etc/pki/spacewalk/jabberd/server.pem | grep Subject
Subject: C=US, ST=MO, O=Stifel, OU=SNCFGSPWD01S, CN=SNCFGSPWD01S/emailAddress=adamsn at stifel.com
The OSA configuration portion of rhn.conf:
# OSA configuration #
server.jabber_server = SNCFGSPWD01S
osa-dispatcher.jabber_server = SNCFGSPWD01S
# set up SSL on the dispatcher
osa-dispatcher.osa_ssl_cert = /var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT
# system snapshots enabled
enable_snapshots = 1
#cobbler host name
cobbler.host = SNCFGSPWD01S
And finally the contents of the up2date.conf:
# Red Hat Update Agent config file.
# Format: 1.0
debug[comment]=Whether or not debugging is enabled
debug=0
systemIdPath[comment]=Location of system id
systemIdPath=/etc/sysconfig/rhn/systemid
serverURL[comment]=Remote server URL (use FQDN)
serverURL=https://sncfgspwd01s/XMLRPC
hostedWhitelist[comment]=RHN Hosted URL's
hostedWhitelist=
enableProxy[comment]=Use a HTTP Proxy
enableProxy=0
versionOverride[comment]=Override the automatically determined system version
versionOverride=
httpProxy[comment]=HTTP proxy in host:port format, e.g. squid.redhat.com:3128
httpProxy=
noReboot[comment]=Disable the reboot actions
noReboot=0
networkRetries[comment]=Number of attempts to make at network connections before giving up
networkRetries=1
disallowConfChanges[comment]=Config options that can not be overwritten by a config update action
disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;serverURL;disallowConfChanges;
sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
# Akamai does not support http protocol, therefore setting this option as side effect disable "Location aware" function
useNoSSLForPackages[comment]=Use HTTP for package, package list, and header fetching (disable Akamai)
useNoSSLForPackages=0
retrieveOnly[comment]=Retrieve packages only
retrieveOnly=0
skipNetwork[comment]=Skips network information in hardware profile sync during registration.
skipNetwork=0
writeChangesToLog[comment]=Log to /var/log/up2date which packages has been added and removed
writeChangesToLog=0
stagingContent[comment]=Retrieve content of future actions in advance
stagingContent=1
stagingContentWindow[comment]=How much forward we should look for future actions. In hours.
stagingContentWindow=24
Any help would be greatly appreciated! Thanks so much!
-Nick
[new_sig]
[stifel-sig]
This message, and any of its attachments, is for the intended recipient(s) only, and it may contain information that is privileged, confidential, and/or proprietary and subject to important terms and conditions available at http://www.stifel.com/disclosures/emaildisclaimers/. If you are not the intended recipient, please delete this message and immediately notify the sender. No confidentiality, privilege, or property rights are waived or lost by any errors in transmission.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20171222/fb6a0d3d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5501 bytes
Desc: image001.png
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20171222/fb6a0d3d/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 6099 bytes
Desc: image002.png
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20171222/fb6a0d3d/attachment-0001.png>
More information about the Spacewalk-list
mailing list