Hello,
While attempting to install Foreman 3.12.0 + Katello 4.14.1, I encountered the following error during the foreman-installer --scenario katello execution:
Error Details:
• The keytool utility failed to generate or import keys for the keystore and truststore due to the absence of the -keyalg option.
• Relevant messages include:
• keytool error: java.lang.Exception: The -keyalg option must be specified
• Keystore file exists, but is empty: /etc/candlepin/certs/keystore
This indicates the installer script omitted specifying the key algorithm (-keyalg), which is mandatory for the keytool command.
Solution
- Remove the existing keystore and truststore files:
rm -f /etc/candlepin/certs/keystore
rm -f /etc/candlepin/certs/truststore
2.Edit the Ruby script that manages keystore generation:
• Open the file and navigate to line 56 (you can enable line numbers in vi with :set number):
vi /usr/share/foreman-installer/modules/certs/lib/puppet_x/certs/provider/keystore.rb
- Add the -keyalg option:
Before:
‘-J-Dcom.redhat.fips=false’
After:
‘-J-Dcom.redhat.fips=false’,
‘-keyalg’, ‘RSA’
Updated Block:
48 begin
49 keytool(
50 ‘-genkey’,
51 ‘-storetype’, ‘pkcs12’,
52 ‘-keystore’, store,
53 ‘-storepass:file’, resource[:password_file],
54 ‘-alias’, temp_alias,
55 ‘-dname’, “CN=#{temp_alias}”,
56 ‘-J-Dcom.redhat.fips=false’,
57 ‘-keyalg’, ‘RSA’
58 )
59 rescue Puppet::ExecutionFailure => e
60 Puppet.err(“Failed to generate new #{type} with temporary entry: #{e}”)
61 return nil
62 end
- Re-run the installer:
foreman-installer --scenario katello