[Spacewalk-list] More Spacewalk 26 Certificate Problems....can't get 3rd party cert to work with osa-dispatcher and jabber
Eric
ericb at enrsystems.com
Thu Jun 8 19:26:53 UTC 2017
SUCCESS!
Ok, so the main issue is that all of the available docs "assume" that the CSR
is generated on the Spacewalk server, which is not always the case. Since we
use a tool for our company, and you do the CSR on the tool itself....you have
to download that in addition to the cert. You also have to use the private
key.
So the additional steps in my case were:
retrieve the CSR and copy it to /root/ssl-build/<hostname>/server.csr
retrieve the .key file, use openssl rsa to strip the password out, and copy it
to /root/ssl-build/<hostname>/server.key
In addition, these steps in the Redhat doc break osa-dispatcher:
# cp /etc/httpd/conf/ssl.key/server.key /etc/jabberd/server.pem
# cat /etc/httpd/conf/ssl.crt/server.crt >> /etc/jabberd/server.pem
# cp /etc/jabberd/server.pem /etc/pki/spacewalk/jabberd/server.pem
Do NOT do those steps.
With the exception of the additional steps I did regarding the key and csr, I
followed the current Spacewalk 2.6 Oracle document linked to previously.
Thanks everybody for the help!
On Thursday 08 June 2017 09:12:23 David Hrbáč wrote:
> Avi,
>
> I realised meanwhile. Thanks fro sharing. It helped with our CA.
>
> Thanks,
> DH
>
> 2017-06-07 21:36 GMT+02:00 Avi Miller <avi.miller at oracle.com>:
> > Hi,
> >
> > On 8 Jun 2017, at 5:30 am, David Hrbáč <david-lists at hrbac.cz> wrote:
> >
> > Interesting reading is also here https://omg.dje.li/2017/
> > 04/using-lets-encrypt-ssl-certificates-with-spacewalk/
> >
> >
> > Glad you like it, that’s my personal blog. :)
> >
> > Cheers,
> > Avi
> >
> > --
> > Oracle <http://www.oracle.com>
> > Avi Miller | Product Management Director | +61 (3) 8616 3496
> > <+61%203%208616%203496>
> > Oracle Linux and Virtualization
> > 417 St Kilda Road, Melbourne, Victoria 3004 Australia
> >
> >
> > _______________________________________________
> > Spacewalk-list mailing list
> > Spacewalk-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/spacewalk-list
More information about the Spacewalk-list
mailing list