Not able to add repository

Support
1

Problem:
I have created product from console.
Not able to add Local repo to product. getting error ‘SSL_read:tlsv1 alert unknown ca’
I will attach screenshot of settings.

Expected outcome:
Repository should get added.

Foreman and Proxy versions:

Foreman and Proxy plugin versions:

Distribution and version:

Other relevant data:

2

tlsv1
tlsv11887×985 121 KB

tlsv1-2
tlsv1-21840×926 100 KB

3

  1. The original issue with error ‘SSL_read:tlsv1 alert unknown ca’ is resolved.
    Changed option ‘SSLVerifyClient’ in file ‘/etc/httpd/conf.d/05-foreman-ssl.conf’
    Original: SSLVerifyClient optional
    After change: SSLVerifyClient optional_no_ca

foreman-auth-error
foreman-auth-error1860×911 120 KB

Still not able to add repository.
New error: “Authentication credentials were not provided.”

Production.log: (Let me know if you need entire production log
5a73ae2e | /usr/share/gems/gems/puma-5.6.5/lib/puma/request.rb:76:in handle_request' 5a73ae2e | /usr/share/gems/gems/puma-5.6.5/lib/puma/server.rb:443:in process_client’
5a73ae2e | /usr/share/gems/gems/puma-5.6.5/lib/puma/thread_pool.rb:147:in block in spawn_thread' 5a73ae2e | [ concurrent-ruby ] 2023-03-15T08:58:26 [I|bac|5a73ae2e] Task {label: Actions::Katello::Repository::CreateRoot, id: d4ee3439-3b50-449d-9e61-cb6298bcc5b0, execution_plan_id: 398b093c-d77c-4421-aae8-ad0b45979c3b} state changed: stopped result: error 2023-03-15T08:58:26 [E|app|5a73ae2e] Katello::Errors::Pulp3Error: Authentication credentials were not provided. 5a73ae2e | /usr/share/gems/gems/katello-4.7.2/app/services/katello/pulp3/service_common.rb:62:in rescue in reformat_api_exception’
5a73ae2e | /usr/share/gems/gems/katello-4.7.2/app/services/katello/pulp3/service_common.rb:57:in reformat_api_exception' 5a73ae2e | /usr/share/gems/gems/katello-4.7.2/app/services/katello/pulp3/service_common.rb:11:in create_remote’
5a73ae2e | /usr/share/gems/gems/katello-4.7.2/app/services/katello/pulp3/repository.rb:71:in `create_remote’

4

Important details that I missed:

Foreman and Proxy versions:

rubygem-foreman_column_view-0.4.0-6.fm3_3.el8.noarch
foreman-vmware-3.4.1-1.el8.noarch
foreman-selinux-3.4.1-1.el8.noarch
rubygem-hammer_cli_foreman_remote_execution-0.2.2-1.fm3_0.el8.noarch
foreman-debug-3.4.1-1.el8.noarch
foreman-dynflow-sidekiq-3.4.1-1.el8.noarch
rubygem-foreman_maintain-1.2.1-1.el8.noarch
rubygem-foreman_discovery-21.0.4-1.fm3_4.el8.noarch
foreman-installer-katello-3.4.1-1.el8.noarch
foreman-proxy-3.4.1-1.el8.noarch
rubygem-hammer_cli_foreman-3.4.0-1.el8.noarch
foreman-installer-3.4.1-1.el8.noarch
rubygem-hammer_cli_foreman_tasks-0.0.17-1.fm3_2.el8.noarch
foreman-3.4.1-1.el8.noarch
rubygem-foreman_remote_execution-8.0.0-2.fm3_4.el8.noarch
foreman-ec2-3.4.1-1.el8.noarch
foreman-release-3.4.1-1.el8.noarch
foreman-service-3.4.1-1.el8.noarch
rubygem-foreman-tasks-7.0.0-1.fm3_4.el8.noarch
rubygem-foreman_default_hostgroup-6.0.0-2.fm3_3.el8.noarch
foreman-cli-3.4.1-1.el8.noarch
rubygem-foreman_memcache-0.1.1-5.fm3_3.el8.noarch
foreman-postgresql-3.4.1-1.el8.noarch

Distribution and version:
Red hat 8.6
Foreman 3.5 with Katello 4.7

5

I tried to create another repository using Hammer command line. It fails with same error.

Steps followed:

  1. Created product ‘CentOS 7 Linux x86_64’
  2. Created key ‘RPM-GPG-KEY-CentOS-7’ in content → “content credentials”.
  3. Steill getting same error. Authentication credentials were not provided 
[root@sjprdsatapp01 foreman-installer]# hammer content-credentials list --organization-id 1
---|--------------------------------|-------------
ID | NAME                           | CONTENT TYPE
---|--------------------------------|-------------
4  | RPM-GPG-KEY-CentOS-7           | gpg_key
3  | RPM-GPG-KEY-CentOS-SIG-Storage | gpg_key
---|--------------------------------|-------------
[root@sjprdsatapp01 foreman-installer]# hammer -v repository create --organization cadence --product "CentOS 7 Linux x86_64"  --name "CentOS 7 OS x86_64" --label "CentOS_7_Linux_x86_64" --content-type "yum" --download-policy "on_demand" --gpg-key-id 4 --url "http://172.13.13.16/images/centos-7-x86_64/7.9.2009/os/" --mirror-on-sync "no"
Could not create the repository:
  **Authentication credentials were not provided.**
7

Checking more information.
Files pointed by pulpcore_postgresql_ssl_cert and pulpcore_postgresql_ssl_key do not exist on system. Is this causing the issue?

# cat /etc/foreman-installer/scenarios.d/katello-answers.yaml | grep -i pulp
  pulpcore_mirror: false
  pulpcore_manage_postgresql: false
  pulpcore_postgresql_host: sjprdsatdb01.cadence.com
  pulpcore_postgresql_port: 5432
  pulpcore_allowed_content_checksums:
  pulpcore_postgresql_user: pulp
  pulpcore_postgresql_password: cadence123
  pulpcore_postgresql_db_name: pulpcore
  pulpcore_postgresql_ssl: false
  pulpcore_postgresql_ssl_require: true
  pulpcore_postgresql_ssl_cert: "/etc/pki/katello/certs/pulpcore-database.crt"          <----
  pulpcore_postgresql_ssl_key: "/etc/pki/katello/private/pulpcore-database.key"     <----
  pulpcore_postgresql_ssl_root_ca: "/etc/pki/tls/certs/ca-bundle.crt"
  pulpcore_postgresql_ssl_root_ca: "/etc/pki/katello/certs/katello-server-ca.crt"
  pulpcore_worker_count: 8
  pulpcore_django_secret_key:
  pulpcore_content_service_worker_timeout: 90
  pulpcore_api_service_worker_timeout: 90
  pulpcore_cache_enabled: true
  pulpcore_cache_expires_ttl:
  pulpcore_additional_import_paths: []
  pulpcore_additional_export_paths: []
  pulpcore_telemetry: false

Please provide an update on this? This looks like a bug.
Let me know if more information is required.

8

Need someone to help with this.
Still getting the same error Authentication credentials were not provided
Not sure which logs to check apart from ‘production.log’ for this error.
The yum repository is local and does not have any credentials.