Problem:
Registering a new build RHEL 8.6 host from a Katello instance running RHEL 8.5 fails with the following error…
Error loading certificate: [Errno 2] No such file or directory: ‘/etc/pki/consumer/cert.pem’
Is this to be expected and if so is there any workaround?
Foreman and Proxy versions:
Installed Packages
foreman.noarch 3.3.0-1.el8 @foreman
katello.noarch 4.5.0-1.el8 @katello
Could you please specify what steps you have taken before you got the error? There are several ways to register new host. That will help to figure out, where the problem may be.
Thanks Marek,
I have now discovered that the RHEL8 CRYPTO policy is affecting the registration and suggests that my custom CA certs are no longer strong enough.
# update-crypto-policies --show
FUTURE
# update-crypto-policies --set LEGACY
Setting system policy to LEGACY
# systemctl reboot
This then allowed the registration to complete so now I need to investigate the deployment of stronger certs.
The registration was by generating a curl command under ‘register host’ and running that locally.