Problem:
My foreman-installer run worked before, but then I added --foreman-proxy-plugin-discovery-install-images=true --foreman-proxy-tftp=true --foreman-proxy-dhcp=true and got the error in the subject in my proxy.log and a 500 error in my production.log
Expected outcome:
A completed installation with tftp and dhcp enabled
Foreman and Proxy versions:
3.13.0~rc2-1+debian12
WEBrick 1.8.1
Foreman and Proxy plugin versions:
Distribution and version:
Debian 12
Other relevant data:
I used the following foreman-installer instruction:
–no-enable-apache-mod-status --enable-foreman --enable-foreman-cli --enable-foreman-cli-ansible --enable-foreman-cli-discovery --no-enable-foreman-cli-puppet --enable-foreman-cli-ssh --no-enable-puppet --no-enable-foreman-plugin-acd --enable-foreman-plugin-ansible --no-enable-foreman-plugin-azure --enable-foreman-plugin-bootdisk --no-enable-foreman-plugin-default-hostgroup --no-enable-foreman-plugin-dhcp-browser --enable-foreman-plugin-discovery --no-enable-foreman-plugin-dlm --no-enable-foreman-plugin-git-templates --no-enable-foreman-plugin-google --no-enable-foreman-plugin-kubevirt --no-enable-foreman-plugin-leapp --enable-foreman-plugin-monitoring --no-enable-foreman-plugin-netbox --no-enable-foreman-plugin-omaha --no-enable-foreman-plugin-openscap --no-enable-foreman-plugin-ovirt-provision --no-enable-foreman-plugin-proxmox --no-enable-foreman-plugin-puppet --no-enable-foreman-plugin-puppetdb --enable-foreman-plugin-tasks --no-enable-foreman-plugin-vault --enable-foreman-plugin-webhooks --enable-foreman-proxy-plugin-ansible --enable-foreman-proxy-plugin-discovery --no-enable-foreman-proxy-plugin-salt --no-enable-foreman-proxy-plugin-omaha --foreman-proxy-ssl-ca /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem --foreman-proxy-ssl-cert /etc/puppetlabs/puppet/ssl/certs/foreman.domain.pem --foreman-proxy-ssl-key /etc/puppetlabs/puppet/ssl/private_keys/foreman.domain.pem --foreman-proxy-plugin-discovery-install-images=true --foreman-proxy-tftp=true --foreman-proxy-dhcp=true
Earlier I had used the same without the last three options and all was fine. After I tried adding those I got the error. Ever since then I can not complete an installation, I always get the same error.
My certificate has the following data (as per proxy.log)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:0e:a3:04:fa:68:67:f9:ba:6f:84:etc …
Signature Algorithm: sha384WithRSAEncryption
Issuer: CN=Puppet CA: hostname.domain.com
Validity
Not Before: Nov 22 14:49:30 2024 GMT
Not After : Nov 22 14:49:35 2025 GMT
Subject: C=NL, ST=Noord Holland, L=Amsterdam, O=Org, OU=CTB, CN=hostname, DC=domain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bc:8d:95:a2:c3:0a:4e:7a:7f:30:62:f3:50:5a:
etc.
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Alternative Name:
DNS:hostname.domain.com, DNS:foreman.domain.com, URI:https://hostname.domain.com, URI:https://foreman.domain.com, IP Address:my.ipv4.address
X509v3 Key Usage: critical
Key Encipherment
X509v3 Subject Key Identifier:
4A:86:25:1F:53:etc…
X509v3 Authority Key Identifier:
1A:AC:E2:E5:C2:CD:etc…
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
ad:86:1b:22:46:42:ee:43:3d:ad:87:b6:f7:44:20:fa:16:b1:
etc…
The foreman server and the foreman proxy run on the same machine. I don;t understand why it stopped working. Can anyone help?
Thanks in advance
Daniel