Katello Cannot Sync New repositories via SSL


I am trying to synch the upstream docker and Centos 9 Stream Repositories and am getting a [Network Unreachable] Error on both of them. I have attempted to upload the SSL Client Certificate to Foreman and checked the “Verify SSL” box on the foreman-side repo - to no avail.

Expected outcome:
Repos sync as expected.

Foreman and Proxy versions:

Foreman 3.3.1

Content Proxy 3.2.0

Distribution and version:

CentOS 7.9.2009

Other relevant data:

Error Cannot connect to host download.docker.com:443 ssl:default [Network is unreachable]

First: centos stream repositories don’t require client certificates. They are public and open. Setting client certificates is pointless and may cause connection issues. Docker should be the same, at least for the ce edition.

The error message says that the server is unreachable through the network. Log into the foreman server and run curl https://download.docker.com/. According to the error messages this could already fail.

Generally: to find out if you have configured everything correctly you should the post the full configuration of one of those repositories to check. It’s hard to guess what you might have done without knowing…