Foreman ssl communication, own CA

Greetings,

I'm trying to set up SSL communication between Foreman and foreman-proxy
with keys/certs signed by our own CA or by openssl.

Still getting this error:

> SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:
> certificate verify failed
There is no entry in the proxy.log even at DEBUG level.

Here is the production.log:

```
Processing by SmartProxiesController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"1bX9tzzza7zXJhfdSR38lM6OJtuGsWskbYSBhc8l7eg=", "smart_proxy"=>{"name"=>"test", "url"=>"https://doa.lan:8443", "location_ids"=>["", ""]}, "commit"=>"Submit"}
User Load (0.1ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
Setting current user thread-local variable to admin
(0.1ms) SELECT COUNT(*) FROM `taxonomies` WHERE `taxonomies`.`type` IN ('Location')
Setting current location thread-local variable to none
(0.1ms) SELECT id FROM `taxonomies` WHERE `taxonomies`.`type` IN ('Location') LIMIT 1
(0.1ms) BEGIN
SmartProxy Exists (0.1ms) SELECT 1 AS one FROM `smart_proxies` WHERE `smart_proxies`.`name` = BINARY 'test' LIMIT 1
SmartProxy Exists (0.1ms) SELECT 1 AS one FROM `smart_proxies` WHERE `smart_proxies`.`url` = BINARY 'https://doa.lan:8443' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'TFTP' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'BMC' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'DNS' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'DHCP' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'Puppet CA' LIMIT 1
Feature Load (0.1ms) SELECT `features`.* FROM `features` WHERE `features`.`name` = 'Puppet' LIMIT 1

==> /var/log/httpd/error_log <==
[ 2013-08-20 14:02:36.4446 7396/7fe8f92f1700 Pool2/Implementation.cpp:1174 ]: [App 7537 stderr] /opt/rh/ruby193/root/usr/share/ruby/net/http.rb:799: warning: exception in verify_callback is ignored

==> /var/log/foreman/production.log <==
(0.2ms) ROLLBACK
Failed to save: Unable to communicate with the proxy: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed, Please check the proxy is configured and running on the host.
CACHE (0.0ms) SELECT COUNT(*) FROM `taxonomies` WHERE `taxonomies`.`type` IN ('Location')
Location Load (0.2ms) SELECT `taxonomies`.* FROM `taxonomies` WHERE `taxonomies`.`type` IN ('Location')
Taxonomy Load (0.1ms) SELECT taxonomies.id FROM `taxonomies` INNER JOIN `taxable_taxonomies` ON `taxonomies`.`id` = `taxable_taxonomies`.`taxonomy_id` WHERE `taxable_taxonomies`.`taxable_id` IS NULL AND `taxable_taxonomies`.`taxable_type` = 'SmartProxy' AND (taxonomies.type='Location')
Rendered common/_edit_habtm.erb (2.7ms)
Rendered smart_proxies/_form.html.erb (11.0ms)
Rendered smart_proxies/new.html.erb within layouts/application (11.5ms)
Rendered home/_user_dropdown.html.erb (1.2ms)
Read fragment views/tabs_and_title_records-1 (0.1ms)
Rendered home/_topbar.html.erb (1.7ms)
Completed 200 OK in 53ms (Views: 17.6ms | ActiveRecord: 1.4ms)
```

The communication works right now if I switch to the puppet certificates in
/var/lib/puppet/ssl.

Any idea what I'm missing?

greetings

Daniel

Hey,

check your cert serials with something like:

find /etc -name '*.crt' | xargs -t -n1 openssl x509 -noout -text -in \
  | grep "Serial Number" -A1

Both on foreman and foreman-proxy.

LZ

On Tue, Aug 20, 2013 at 05:10:31AM -0700, Daniel Obi wrote:


Later,

Lukas “lzap” Zapletal
irc: lzap #theforeman

Hi Lukas,

the Serial Number is the same on both systems for ca.crt.

greetings

daniel

On Tuesday, 20 August 2013 14:50:56 UTC+2, Lukas Zapletal wrote:

If I run:

openssl x509 -noout -text -in /opt/CA/certs/ca.crt >> /etc/pki/tls/certs/ca-bundle.crt

cat /opt/CA/certs/ca.crt >> /etc/pki/tls/certs/ca-bundle.crt

on the Foreman server, I get the same error, but now with "unknown ca".

> > > The communication works right now if i switch to puppet certificates
> > > /var/lib/puppet/ssl

So you generated new certificates which do not work, do I read that
correctly?

Double check the hostname vs CN in the certificate.

Out of ideas :frowning:

--
Later,

Lukas “lzap” Zapletal
irc: lzap #theforeman

Hi Lukas,
yes, that's right, with the puppet certs it worked right away.

I checked the openssl-created certs and there is a mismatch in the CN.

But I also checked the certs from our company CA, and there the CN is the
same as the hostname (and still no luck).
We have a sub CA; might this also cause more trouble?

I will create new certs with openssl and the right CN tomorrow.

No luck; I created new certs with the correct CN=xxx.xx but still get the same error.

On Tuesday, 20 August 2013 16:41:35 UTC+2, Daniel Obi wrote:

Daniel,

paste us the contents of /etc/foreman-proxy/settings.yml, these lines:

:ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem
:ssl_certificate: /var/lib/puppet/ssl/certs/xxxxx.redhat.com

Also show me the whole output (except private keys, of course) of:

openssl x509 -noout -text -in ssl_ca_file
openssl x509 -noout -text -in ssl_certificate

We are interested in the X509v3 extensions, so please do not delete that part.

And finally show me how you generated these certs. Whole commands.

Certs are easy ™

--
Later,

Lukas “lzap” Zapletal
irc: lzap #theforeman
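Added example, not code from this thread or from Foreman/foreman-proxy: the three checks the thread circles around (Lukas's hostname-vs-CN check, Daniel's sub CA question, and the X509v3 extensions Lukas asks for) reproduced with Ruby's stdlib OpenSSL, which is the same library net/http uses when Foreman fails with "certificate verify failed". All names below (Example Root CA, Example Sub CA, proxy.example.lan, wrong-host.example.lan) are constructed; the trust store stands in for whatever :ssl_ca_file points at.

```ruby
require 'openssl'

# Added example, not code from the thread or the Foreman project.
# Throwaway certs reproduce three failure modes from the thread:
#   1. CN that does not match the host name the client connects to,
#   2. server cert issued by a sub CA while only the root CA is trusted,
#   3. a "same subject, different key" root CA (what comparing serials
#      on both hosts is meant to catch).
HOST = 'proxy.example.lan' # constructed proxy host name

# Build one X.509 v3 certificate; self-signed when no issuer is given.
def build_cert(subject:, key:, serial:, ca:, issuer: nil, san: nil)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # v3, needed for X509v3 extensions
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 365 * 24 * 3600
  issuer_cert, issuer_key = issuer || [cert, key]
  cert.issuer = issuer_cert.subject

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer_cert
  if ca
    cert.add_extension(ef.create_extension('basicConstraints', 'CA:TRUE', true))
    cert.add_extension(ef.create_extension('keyUsage', 'keyCertSign, cRLSign', true))
  else
    cert.add_extension(ef.create_extension('basicConstraints', 'CA:FALSE', true))
    cert.add_extension(ef.create_extension('keyUsage', 'digitalSignature, keyEncipherment', true))
    cert.add_extension(ef.create_extension('extendedKeyUsage', 'serverAuth, clientAuth'))
    cert.add_extension(ef.create_extension('subjectAltName', "DNS:#{san}")) if san
  end
  cert.add_extension(ef.create_extension('subjectKeyIdentifier', 'hash'))
  cert.sign(issuer_key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Path validation as the TLS client does it: `trusted` is the CA file,
# `intermediates` is whatever the server sends along with its own cert.
def verify_chain(leaf, trusted, intermediates = [])
  store = OpenSSL::X509::Store.new
  trusted.each { |c| store.add_cert(c) }
  ctx = OpenSSL::X509::StoreContext.new(store, leaf, intermediates)
  ctx.verify ? 'ok' : ctx.error_string
end

# Host name check done after path validation: SAN dNSName entries win,
# the CN is only consulted when the cert carries no SAN at all.
def hostname_ok?(cert, host)
  OpenSSL::SSL.verify_certificate_identity(cert, host)
end

# X509v3 extensions as `openssl x509 -text` prints them (oid => value).
def extensions(cert)
  cert.extensions.map { |e| [e.oid, e.value] }.to_h
end

def run_scenarios
  root_key, sub_key, srv_key = Array.new(3) { OpenSSL::PKey::RSA.new(2048) }
  root = build_cert(subject: '/CN=Example Root CA', key: root_key, serial: 1, ca: true)
  sub  = build_cert(subject: '/CN=Example Sub CA', key: sub_key, serial: 2, ca: true,
                    issuer: [root, root_key])
  srv  = build_cert(subject: "/CN=#{HOST}", key: srv_key, serial: 3, ca: false,
                    issuer: [sub, sub_key], san: HOST)
  # Same subject as the real root but a freshly generated key: what you get
  # when the CA is regenerated on one host and the old ca.crt stays on the other.
  other_root = build_cert(subject: '/CN=Example Root CA', key: OpenSSL::PKey::RSA.new(2048),
                          serial: 9, ca: true)
  wrong_cn = build_cert(subject: '/CN=wrong-host.example.lan', key: srv_key, serial: 4,
                        ca: false, issuer: [sub, sub_key])
  {
    root_only:      verify_chain(srv, [root]),              # sub CA missing -> fails
    root_plus_sub:  verify_chain(srv, [root], [sub]),       # server sends the sub CA
    sub_in_ca_file: verify_chain(srv, [root, sub]),         # CA file holds both
    other_root:     verify_chain(srv, [other_root], [sub]), # wrong root -> fails
    cn_matches:     hostname_ok?(srv, HOST),
    cn_mismatch:    hostname_ok?(wrong_cn, HOST),
    root_is_ca:     extensions(root)['basicConstraints'],
    serials_differ: root.serial != other_root.serial
  }
end

run_scenarios.each { |k, v| puts "#{k}: #{v}" } if __FILE__ == $PROGRAM_NAME
```

Reading the result: root_only fails because the verifier cannot build a path from the server cert to the root without the sub CA, so the intermediate must either be sent by the proxy with its certificate or be present in the file :ssl_ca_file names; other_root fails on the signature even though the subject name is identical, which is exactly the mismatch a serial comparison on both hosts exposes; cn_mismatch is false because a cert with no SAN is matched on its CN, and root_is_ca shows the basicConstraints extension that a CA cert has to carry.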