Anyone make any progress on this issue? I have a server rebuild that is encountering the same issue and want to know if any progress has been made troubleshooting this. Any suggestions on how to continue troubleshooting this on my end would be greatly appreciated as well.
Could this be due to the transition from pulp2 to pulpcore for yum repositories in katello?
I just tested a Foreman/Katello server (2.1/3.16) that is still using pulp2 for yum repos and the manifest imported fine, synced some red hat repos and then verified that I could access the files in said repo via katello.
This is making me strongly suspect that this is a pulp3(pulpcore) problem.
I’ve been fighting this same issue. My original server started at 3.13 and has been upgraded to every release up to 4.0. We also use custom SSL certificates from our internal CA. With the 4.0 upgrade I had this exact issue and couldn’t access the RHEL repos anymore. I rolled back my snapshot to 3.18.2 until I noticed that new CVs were not actually publishing new content. I ended up deploying a new 4.0 server from scratch and again ran into this issue. After redeploying again with the default self signed SSL certificates and then updating to my custom SSL certs I was able to get the main server working. My current problem is with Smart Proxies. I am able to register systems using our custom SSL certs but I can’t access RHEL repos. I had no luck with the ssl.conf change suggested. I’m just finishing up a proxy server rebuild and will continue digging into this issue.
On a side note, the original poster was using 3.16. I have built up servers and smart proxies with 3.17, 3.18, and 4.0 and have verified that this SSL issue is present since all those versions use Pulp3 for content with new builds. My problems all started after I did the pulp 2 to 3 migration. I also tested the main server and proxy using the default self signed certs but couldn’t get the proxy to register because the self signed certs were not trusted.