RestClient::SSLCertificateNotVerified on Actions::Katello::Repository::CheckMatchingContent for Actions::Katello::ContentView::Publish

Problem:
RestClient::SSLCertificateNotVerified

Foreman and Proxy plugin versions:

  • foreman-2.4.0-1.el7.noarch

  • foreman-cli-2.4.0-1.el7.noarch

  • foreman-debug-2.4.0-1.el7.noarch

  • foreman-dynflow-sidekiq-2.4.0-1.el7.noarch

  • foreman-installer-2.4.0-1.el7.noarch

  • foreman-installer-katello-2.4.0-1.el7.noarch

  • foreman-postgresql-2.4.0-1.el7.noarch

  • foreman-proxy-2.4.0-1.el7.noarch

  • foreman-release-2.4.0-1.el7.noarch

  • foreman-selinux-2.4.0-1.el7.noarch

  • foreman-service-2.4.0-1.el7.noarch

  • katello-4.0.0-1.el7.noarch

  • katello-certs-tools-2.7.3-1.el7.noarch

  • katello-client-bootstrap-1.7.6-1.el7.noarch

  • katello-common-4.0.0-1.el7.noarch

  • katello-debug-4.0.0-1.el7.noarch

  • katello-default-ca-1.0-1.noarch

  • katello-repos-4.0.0-1.el7.noarch

  • katello-selinux-4.0.0-1.el7.noarch

  • katello-server-ca-1.0-1.noarch

Distribution and version:
Red Hat Enterprise Linux Server release 7.9

Other relevant data:
I had published 5 content view version and the 6th the task got stuck with SSL Error.

  • There were no new certificat, no custom certificate,
  • Katello CA is Valid Not Before: May 11 12:05:27 2021 GMT and Not After : Jan 18 12:05:27 2038 GMT
  • content view is linked to a apt repository

I would like to be able to unlock this step.
Regards

OK,
I think it’s due to an unchage state of the repository.
I’m publishing a new version but nothing change inside the repo so I get the error above.
Regards,

@RazorTheBeaver can you share any stack trace in /var/log/foreman/production.log or journalctl when you’re performing this action?

Hi @Jonathon_Turel,

This what I have from journactl and production.log: debug_view.log (34.1 KB)

My guess was I have this error when inside the repo nothing changed and i’m publishing an new view but i’m not 100% sure it’s the problem.

The think is, I have one repo (dep) which has fix packages and won’t get new packages and another repo (build_dev) which has packages regularly like two or three times per/day.
When I receive a new build deb packages, I publish a new view like that the packages can be upgrade on the machine.

Since I have added dep repository, I have pulp who got stuck on the “CheckMatchingContent”.
Finally I also got the same error when I published an new view when the build_dev didn’t get new packages.

Best regards,

Did you do a pulp2-3 migration for the deb repos or is this a new box with katello 4.0?
I did open an issue here: Bug #32761: Deb repo calls pulp2 when checking published during matching content check - Katello - Foreman cause your logs seem to show the repo on pulp3 but check matching content checking for the repo on pulp2. That looks incorrect.

Hi @sajha,
It’s a new box with katello 4.0.
On foreman interface, I have those information:

Backend System Status

  • pulp3

Installed Packages

  • pulp-client-1.0-1.noarch

  • pulpcore-selinux-1.2.4-1.el7.x86_64

  • python-pulp-manifest-2.21.0.5-1.el7sat.noarch

  • python3-pulp-certguard-1.1.0-1.el7.noarch

  • python3-pulp-container-2.2.1-1.el7.noarch

  • python3-pulp-deb-2.9.1-1.el7.noarch

  • python3-pulp-file-1.5.0-1.el7.noarch

  • python3-pulp-rpm-3.10.0-1.el7.noarch

  • python3-pulpcore-3.9.1-2.el7.noarch