Problem:
I’m installing a new Foreman server, with Foreman 3.4 and Katello 4.6 on Alma Linux 8.7. On the server, I have run
katello-certs-check -t foreman -c /etc/pki/katello/certs/katello-apache.crt -k /etc/pki/katello/private/katello-apache.key -b /etc/pki/katello/certs/katello-server-ca.crt
followed by
foreman-installer --scenario katello
The foreman-installer
command installs the RPM file katello-ca-consumer-<foreman.server.name>-1.0-1.noarch.rpm
along with the symlink katello-ca-consumer-latest.noarch.rpm
into the Apache directory /var/www/html/pub. So far so good.
But when I try to install that package on a host, it apparently succeeds, but with an error that the cert directory /etc/rhsm/ca
doesn’t exist:
# dnf localinstall http://<foreman.server.name>/pub/katello-ca-consumer-latest.noarch.rpm
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Last metadata expiration check: 0:00:20 ago on Tue 15 Nov 2022 01:57:53 PM EST.
katello-ca-consumer-latest.noarch.rpm 980 kB/s | 9.8 kB 00:00
Dependencies resolved.
============================================================================================================
Package Architecture Version Repository Size
============================================================================================================
Installing:
katello-ca-consumer-<foreman.server.name> noarch 1.0-1 @commandline 9.8 k
Transaction Summary
============================================================================================================
Install 1 Package
Total size: 9.8 k
Installed size: 7.6 k
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : katello-ca-consumer-<foreman.server.name>-1.0-1.noarch 1/1
Running scriptlet: katello-ca-consumer-<foreman.server.name>-1.0-1.noarch 1/1
/usr/bin/katello-rhsm-consumer: line 130: /etc/rhsm/ca/katello-server-ca.pem: No such file or directory
warning: %post(katello-ca-consumer-<foreman.server.name>-1.0-1.noarch) scriptlet failed, exit status 1
Error in POSTIN scriptlet in rpm package katello-ca-consumer-<foreman.server.name>
Verifying : katello-ca-consumer-<foreman.server.name>-1.0-1.noarch 1/1
Installed products updated.
Installed:
katello-ca-consumer-<foreman.server.name>-1.0-1.noarch
Complete!
The result of this is that the katello-ca-consumer package is installed, but the certs cert.pem
and key.pem
do not get installed in /etc/pki/consumer, and I cannot register the host with the server.
Have I missed a step in the setup? How can I correct this?
Expected outcome:
Installation of katello-ca-consumer package succeeds without errors.
Foreman and Proxy versions:
3.4.0
Foreman and Proxy plugin versions:
Katello 4.6.0
Distribution and version:
Alma Linux 8.7