Installed Custom CA SSL Certificates - Remote Execution stops working

I have a Foreman/Katello installation with selfsigned certificates and I can perform unattended installations and execute jobs remotely. When I install custom SSL certificates, remote execution stops working with the error: “Failed to initialize: RuntimeError - The only applicable proxy myserver is down” - Previously it was working.

When I check the certificates by katello-certs-check -c “/etc/pki/katello/certs/myserver.crt” -k /etc/pki/katello/private/myserver.key -b /etc/pki/katello/certs/CAbundle.crt I get no errors

Certificate installation/modification with:
foreman-installer --scenario katello --certs-server-cert “/etc/pki/katello/certs/myserver.crt” --certs-server-key “/etc/pki/katello/private/myserver.key” --certs-server-ca-cert “/etc/pki/katello/certs/CAbundle.crt” --certs-update-server --certs-update-server-ca
Returns no errors

Foreman and Proxy versions:
Foreman 1.22, Katello 3.12

It may be related to smart proxy and smart proxy dynflow core SSL mismatch. The certificate used by both needs to have the same serial. cc @aruzicka perhaps he knows more.

Should the following 3 files show to the same certtificate/key/CAauthority, i.e. custom ones?


The web interface goes uses https after the custom certificate installation.

Fi have read several posts on in relation to this issue, none of which applied 100% to my issue. I decided to reboot the proxy server and the clients and it worked.