Problems adding custom certs into Foreman/Katello

Problem:

I’ve tried to install a scenario of Foreman/Katello with my custom certificates as manual says…

https://theforeman.org/plugins/katello/3.12/advanced/certificates.html

foreman-installer --scenario katello --certs-server-cert certs/wildcard_ieca.junta-andalucia.es.crt --certs-server-cert-req certs/wildcard_ieca.junta-andalucia.es.req --certs-server-key certs/wildcard_ieca.junta-andalucia.es.key --certs-server-ca-cert certs/AC_FNMT_Foreman.crt

The problem is that give me an error and write this in the foreman-installer/katello.log

ESC[0m
ESC[mNotice: Compiled catalog for foreman-ssl.ieca.junta-andalucia.es in environment production in 0.68 secondsESC[0m
ESC[mNotice: Applied catalog in 0.07 secondsESC[0m

[ INFO 2019-08-13T13:57:25 main] ... finished
[ INFO 2019-08-13T13:57:25 main] Executing hooks in group pre_values
[ INFO 2019-08-13T13:57:25 main] All hooks in group pre_values finished
[ INFO 2019-08-13T13:57:25 main] Running installer with args [["--scenario", "katello", "--certs-server-cert", "certs/wildcard_ieca.junta-andalucia.es.crt", "--certs-server-cert-req", "certs/wildcard_ieca.junta-andalucia.es.req", "--certs-server-key", "certs/wildcard_ieca.junta-andalucia.es.key", "--certs-server-ca-cert", "certs/AC_FNMT_Foreman.crt"]]
[ INFO 2019-08-13T13:57:25 main] Executing hooks in group pre_validations
[DEBUG 2019-08-13T13:57:25 main] Hook /usr/share/foreman-installer/katello/hooks/pre_validations/10-check_foreman_proxy_pulp.rb returned nil
[DEBUG 2019-08-13T13:57:25 main] Hook /usr/share/foreman-installer/katello/hooks/pre_validations/12-check_capsule_tar.rb returned nil
[DEBUG 2019-08-13T13:57:25 main] Hook /usr/share/foreman-installer/katello/hooks/pre_validations/30-mongo_storage_engine.rb returned nil
[DEBUG 2019-08-13T13:57:25 main] Hook /usr/share/foreman-installer/katello/hooks/pre_validations/31-upgrade-puppet.rb returned nil
[ INFO 2019-08-13T13:57:25 main] All hooks in group pre_validations finished
[ INFO 2019-08-13T13:57:25 main] Running validation checks
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-cert invalid: certs/wildcard_ieca.junta-andalucia.es.crt is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-key invalid: certs/wildcard_ieca.junta-andalucia.es.key is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-cert-req invalid: certs/wildcard_ieca.junta-andalucia.es.req is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-ca-cert invalid: certs/AC_FNMT_Foreman.crt is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[DEBUG 2019-08-13T13:57:25 main] Exit with status code: 21 (signal was invalid_values)
[ERROR 2019-08-13T13:57:25 main] Errors encountered during run:
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-cert invalid: certs/wildcard_ieca.junta-andalucia.es.crt is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-key invalid: certs/wildcard_ieca.junta-andalucia.es.key is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-cert-req invalid: certs/wildcard_ieca.junta-andalucia.es.req is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[ERROR 2019-08-13T13:57:25 main] Parameter certs-server-ca-cert invalid: certs/AC_FNMT_Foreman.crt is not one of regexes matching /^(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][^\\\/]+))/ or regexes matching /^\/([^\/\0]+\/*)*$/
[DEBUG 2019-08-13T13:57:25 main] Cleaning /tmp/kafo_puppet20190813-2065-b6t1p7.conf
[DEBUG 2019-08-13T13:57:25 main] Cleaning /tmp/default_values.yaml
[ INFO 2019-08-13T13:57:25 main] Installer finished in 5.154968775 seconds

I have read that I can encapsule the certs into a tar with ```
capsule-certs-generate, but Foreman doesn’t give me this chance, I think it’s only for Red Hat Satellite


**Expected outcome:**

Install Foreman/Katello with my custom certificates


**Foreman and Proxy versions:**

Foreman 1.22
Katello 3.12

**Foreman and Proxy plugin versions:**

Foreman 1.22
Katello 3.12

**Other relevant data:**
[e.g. logs from Foreman and/or the Proxy, modified templates, commands issued, etc]
(for logs, surround with three back-ticks to get proper formatting, e.g.)

logs

I forgot it… I ran katello-certs-check with my certs and all OK

[root@foreman-ssl ~]# katello-certs-check -c certs/wildcard_ieca.junta-andalucia.es.crt -k certs/wildcard_ieca.junta-andalucia.es.key -b certs/AC_FNMT_Foreman.crt
Checking server certificate encoding:
[OK]

date: fecha inválida «ago 13 12:02:20 2019»
Checking expiration of certificate:
[OK]

Checking expiration of CA bundle:
[OK]

Checking if server certificate has CA:TRUE flag
[OK]

Checking to see if the private key matches the certificate:
[OK]

Checking CA bundle against the certificate file:
[OK]

Checking Subject Alt Name on certificate
[OK]

Checking Key Usage extension on certificate for Key Encipherment
[OK]

Validation succeeded

To use them inside a NEW $FOREMAN_PROXY, run this command:

  foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \
                               --certs-tar  "~/$FOREMAN_PROXY-certs.tar" \
                               --server-cert "/root/certs/wildcard_ieca.junta-andalucia.es.crt" \
                               --server-key "/root/certs/wildcard_ieca.junta-andalucia.es.key" \
                               --server-ca-cert "/root/certs/AC_FNMT_Foreman.crt" \

To use them inside an EXISTING $FOREMAN_PROXY, run this command INSTEAD:

  foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \
                               --certs-tar  "~/$FOREMAN_PROXY-certs.tar" \
                               --server-cert "/root/certs/wildcard_ieca.junta-andalucia.es.crt" \
                               --server-key "/root/certs/wildcard_ieca.junta-andalucia.es.key" \
                               --server-ca-cert "/root/certs/AC_FNMT_Foreman.crt" \
                               --certs-update-server

[root@foreman-ssl ~]#

Just an observation, but try putting the cert path in quotes.

foreman-installer --scenario katello
–certs-server-cert “certs/wildcard_ieca.junta-andalucia.es.crt”
–certs-server-cert-req “certs/wildcard_ieca.junta-andalucia.es.req”
–certs-server-key “certs/wildcard_ieca.junta-andalucia.es.key”
–certs-server-ca-cert “certs/AC_FNMT_Foreman.crt”

Also, I looked back at the command I use to install foreman, it might not matter at all, but I specified the full path to each cert file. something like
–certs-server-cert “/root/certs/blah.crt”.

I’ve just to execute this:

[root@foreman-ssl ~]# foreman-installer --scenario katello --certs-server-cert "/root/certs/wildcard_ieca.junta-andalucia.es.crt" --certs-server-cert-req "/root/certs/wildcard_ieca.junta-andalucia.es.req" --certs-server-key "/root/certs/wildcard_ieca.junta-andalucia.es.key" --certs-server-ca-cert "/root/certs/AC_FNMT_Foreman.crt"

and… start to install instead give me the error, but… a few seconds after, I received this red message:

 can't find a file that should have been created during an earlier step:
       ./ssl-build/KATELLO-TRUSTED-SSL-CERT

       katello-ssl-tool --help

Generating web server's SSL key pair/set RPM:
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:296:in `execute'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/command.rb:23:in `execute'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:222:in `block in has_command'
/usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:39:in `chdir'
/usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:17:in `create'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:490:in `set'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:570:in `sync'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:241:in `sync'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:21:in `evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:263:in `apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:283:in `eval_resource'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:187:in `call'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
/opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:187:in `block in evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:122:in `traverse'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:174:in `evaluate'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
/opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:239:in `block in apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:161:in `with_destination'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:238:in `apply'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
/opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:193:in `block in apply_catalog'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:233:in `block in benchmark'
/opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:232:in `benchmark'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:192:in `apply_catalog'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:381:in `run_internal'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:242:in `block in run'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:219:in `run'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:343:in `apply_catalog'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:243:in `block in main'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:207:in `main'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:177:in `run_command'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:687:in `exit_on_fail'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run'
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
/opt/puppetlabs/puppet/bin/puppet:5:in `<main>'

 can't find a file that should have been created during an earlier step:
       ./ssl-build/KATELLO-TRUSTED-SSL-CERT

       katello-ssl-tool --help

Generating web server's SSL key pair/set RPM:

and it continues to install, but at finish, give me this message:

Preparing installation Done                                              
  Something went wrong! Check the log for ERROR-level output
  The full log is at /var/log/foreman-installer/katello.log

and the log says:

[DEBUG 2019-08-14T08:27:55 main] Exit with status code: 6 (signal was 6)
[ERROR 2019-08-14T08:27:55 main] Errors encountered during run:
[ERROR 2019-08-14T08:27:55 main]  Execution of '/usr/bin/katello-ssl-tool --gen-server --set-hostname foreman-ssl.ieca.junta-andalucia.es --server-cert foreman-ssl.ieca.junta-andalucia.es-apache.crt --server-cert-req foreman-ssl.ieca.junta-andalucia.es-apache.crt.req --server-key foreman-ssl.ieca.junta-andalucia.es-apache.key --server-rpm foreman-ssl.ieca.junta-andalucia.es-apache --rpm-only' returned 33: ...working...
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main]  can't find a file that should have been created during an earlier step:
[ERROR 2019-08-14T08:27:55 main]        ./ssl-build/KATELLO-TRUSTED-SSL-CERT
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main]        katello-ssl-tool --help
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main] Generating web server's SSL key pair/set RPM:
[ERROR 2019-08-14T08:27:55 main]     ./ssl-build/foreman-ssl.ieca.junta-andalucia.es/foreman-ssl.ieca.junta-andalucia.es-apache-1.0-1.src.rpm
[ERROR 2019-08-14T08:27:55 main]     ./ssl-build/foreman-ssl.ieca.junta-andalucia.es/foreman-ssl.ieca.junta-andalucia.es-apache-1.0-1.noarch.rpm
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/execution.rb:296:in `execute'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider/command.rb:23:in `execute'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:222:in `block in has_command'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/provider.rb:444:in `block in create_class_and_instance_method'
[ERROR 2019-08-14T08:27:55 main] /usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:40:in `block in katello_ssl_tool'
[ERROR 2019-08-14T08:27:55 main] /usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:39:in `chdir'
[ERROR 2019-08-14T08:27:55 main] /usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:39:in `katello_ssl_tool'
[ERROR 2019-08-14T08:27:55 main] /usr/share/foreman-installer/modules/certs/lib/puppet/provider/cert/katello_ssl_tool.rb:42:in `generate!'
[ERROR 2019-08-14T08:27:55 main] /usr/share/foreman-installer/modules/certs/lib/puppet/provider/katello_ssl_tool.rb:17:in `create'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/ensure.rb:16:in `block in defaultvalues'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:490:in `set'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:570:in `sync'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:241:in `sync'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:136:in `sync_if_needed'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:82:in `perform_changes'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:21:in `evaluate'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:263:in `apply'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:283:in `eval_resource'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:187:in `call'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:187:in `block (2 levels) in evaluate'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:187:in `block in evaluate'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:122:in `traverse'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:174:in `evaluate'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:240:in `block (2 levels) in apply'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:239:in `block in apply'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:161:in `with_destination'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:146:in `as_logging_destination'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:238:in `apply'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:194:in `block (2 levels) in apply_catalog'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:521:in `block in thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:520:in `thinmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:193:in `block in apply_catalog'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:233:in `block in benchmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/2.5.0/benchmark.rb:308:in `realtime'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:232:in `benchmark'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:192:in `apply_catalog'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:381:in `run_internal'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:242:in `block in run'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:219:in `run'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:343:in `apply_catalog'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:260:in `block (2 levels) in main'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:243:in `block in main'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:266:in `override'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:207:in `main'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:177:in `run_command'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:687:in `exit_on_fail'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
[ERROR 2019-08-14T08:27:55 main] /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'
[ERROR 2019-08-14T08:27:55 main]  /Stage[main]/Certs::Apache/Cert[foreman-ssl.ieca.junta-andalucia.es-apache]/ensure: change from 'absent' to 'present' failed: Execution of '/usr/bin/katello-ssl-tool --gen-server --set-hostname foreman-ssl.ieca.junta-andalucia.es --server-cert foreman-ssl.ieca.junta-andalucia.es-apache.crt --server-cert-req foreman-ssl.ieca.junta-andalucia.es-apache.crt.req --server-key foreman-ssl.ieca.junta-andalucia.es-apache.key --server-rpm foreman-ssl.ieca.junta-andalucia.es-apache --rpm-only' returned 33: ...working...
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main]  can't find a file that should have been created during an earlier step:
[ERROR 2019-08-14T08:27:55 main]        ./ssl-build/KATELLO-TRUSTED-SSL-CERT
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main]        katello-ssl-tool --help
[ERROR 2019-08-14T08:27:55 main] 
[ERROR 2019-08-14T08:27:55 main] Generating web server's SSL key pair/set RPM:
[ERROR 2019-08-14T08:27:55 main]     ./ssl-build/foreman-ssl.ieca.junta-andalucia.es/foreman-ssl.ieca.junta-andalucia.es-apache-1.0-1.src.rpm
[ERROR 2019-08-14T08:27:55 main]     ./ssl-build/foreman-ssl.ieca.junta-andalucia.es/foreman-ssl.ieca.junta-andalucia.es-apache-1.0-1.noarch.rpm
[DEBUG 2019-08-14T08:27:55 main] Cleaning /tmp/kafo_puppet20190814-2064-dxsly7.conf
[DEBUG 2019-08-14T08:27:55 main] Cleaning /tmp/kafo_hiera20190814-2064-16syeq6
[DEBUG 2019-08-14T08:27:55 main] Cleaning /tmp/kafo_puppet20190814-2064-euhdw1.conf
[DEBUG 2019-08-14T08:27:55 main] Cleaning /tmp/default_values.yaml
[ INFO 2019-08-14T08:27:55 main] Installer finished in 639.499736904 seconds