Problem: when I use curl cmd register a new host,but it raises error
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
further,I already use --insecure option ,still raise this error
how to do ,thank you
by the way,when you install foreman ,how to set ur local FQDN?
**Expected outcome:**curl: (51) Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Other relevant data:
based on docs,if use --insecure,host will auto download all ca file from server,yes?
but,it raise error
[root@opsmanages anchors]# curl -v -sS --insecure ‘https://192.168.204.82/register?location_id=2&organization_id=1&update_packages=false’ -H ‘Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJpYXQiOjE3MDYwNzc0OTUsImp0aSI6IjM1YTVhYzk3MjA4MmJhZGQ5OGU2MDVmNDZkYjE3NzkwYmM0YTQ0ZWY1Nzc0MzNjODRkZjY1ZTJlNjdmNDIyZTkiLCJleHAiOjE3MDYwOTE4OTUsInNjb3BlIjoicmVnaXN0cmF0aW9uI2dsb2JhbCByZWdpc3RyYXRpb24jaG9zdCJ9.gfg2wyPg_c9NBtnoZ_I2EmhzlfqXhK_2XhBgDUAXtY8’ | bash
- About to connect() to 192.168.204.82 port 443 (#0)
- Trying 192.168.204.82…
- Connected to 192.168.204.82 (192.168.204.82) port 443 (#0)
- Initializing NSS with certpath: sql:/etc/pki/nssdb
- skipping SSL peer certificate verification
- NSS: client certificate not found (nickname not specified)
- SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- Server certificate:
- subject: CN=man2mon.pcl.ac.cn
- start date: Jan 21 07:39:18 2024 GMT
- expire date: Jan 18 07:39:20 2039 GMT
- common name: man2mon.pcl.ac.cn
- issuer: CN=Puppet CA: man2mon.pcl.ac.cn
GET /register?location_id=2&organization_id=1&update_packages=false HTTP/1.1
User-Agent: curl/7.29.0
Host: 192.168.204.82
Accept: /
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJpYXQiOjE3MDYwNzc0OTUsImp0aSI6IjM1YTVhYzk3MjA4MmJhZGQ5OGU2MDVmNDZkYjE3NzkwYmM0YTQ0ZWY1Nzc0MzNjODRkZjY1ZTJlNjdmNDIyZTkiLCJleHAiOjE3MDYwOTE4OTUsInNjb3BlIjoicmVnaXN0cmF0aW9uI2dsb2JhbCByZWdpc3RyYXRpb24jaG9zdCJ9.gfg2wyPg_c9NBtnoZ_I2EmhzlfqXhK_2XhBgDUAXtY8
< HTTP/1.1 200 OK
< Date: Wed, 24 Jan 2024 06:43:31 GMT
< Server: Apache
< Foreman_version: 3.9.1
< Foreman_api_version: 2
< Foreman_current_organization: 1; Default Organization
< Foreman_current_location: 2; Default Location
< Content-Type: text/plain; charset=utf-8
< ETag: W/“08bb44dbfb2473b8a08fff9ba0064d26”
< Cache-Control: max-age=0, private, must-revalidate
< X-Request-Id: dce40258-fd3a-495b-8f60-e7cb42a2e364
< X-Runtime: 0.113766
< Strict-Transport-Security: max-age=631139040; includeSubdomains
< X-Frame-Options: sameorigin
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Content-Security-Policy: default-src ‘self’; child-src ‘self’; connect-src ‘self’ ws: wss:; img-src ‘self’ data:; script-src ‘unsafe-eval’ ‘unsafe-inline’ ‘self’; style-src ‘unsafe-inline’ ‘self’
< Content-Length: 6718
< Set-Cookie: _session_id=5247b778c06a427b56b461bfcde29ea7; path=/; secure; HttpOnly; SameSite=Lax
< Via: 1.1 man2mon.pcl.ac.cn
<
{ [data not shown]
- Connection #0 to host 192.168.204.82 left intact
Running registration
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
later,I mannualy cp 2 ca files to host,still reprot error
I’m not sure which versions you are using, but try to see if you can find any useful information in our docs - Managing Hosts.