Problem:
Delete orphaned content tasks gives an SSL error, all other tasks complete as expected. The only task experiencing the SSL error appears to be the delete orphaned content task.
Expected outcome:
Successful task completion
Foreman and Proxy versions:
Foreman 3.11.2
Foreman and Proxy plugin versions:
Foreman 3.11.2
Katello 4.13.1
Distribution and version:
RHEL 8
Other relevant data:
task output:
There was an issue with the backend service pulp3: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)There was an issue with the backend service pulp3: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
output from cert check:
katello-certs-check -c /etc/foreman-proxy/ssl_cert.pem -k /etc/foreman-proxy/ssl_key.pem -b /etc/foreman-proxy/ssl_ca.pem
Checking server certificate encoding:
[OK]
Checking expiration of certificate:
[OK]
Checking expiration of CA bundle:
[OK]
Checking if server certificate has CA:TRUE flag
[OK]
Checking for private key passphrase:
[OK]
Checking to see if the private key matches the certificate:
[OK]
Checking CA bundle against the certificate file:
[OK]
Checking CA bundle size: 1
[OK]
Checking if CA bundle has trust rules: 0
[OK]
Checking Subject Alt Name on certificate
[OK]
Checking if any Subject Alt Name on certificate matches the Subject CN
[OK]
Checking Key Usage extension on certificate for Key Encipherment
[OK]
Checking for use of shortname as CN
[OK]
Validation succeeded
Looking at the task history it appears this task has failed since we upgraded to foreman 3.8 several months ago, but this went unnoticed.