An error occurred attempting to contact the server. More information can be
found in the client log file ~/.pulp/admin.log.
[ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
repo_list =
self.context.server.repo.repositories(query_params).response_body
File “/usr/lib/python2.6/site-packages/pulp/bindings/repository.py”, line
34, in repositories
return self.server.GET(path, query_parameters)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line 92,
in GET
return self._request(‘GET’, path, queries)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
142, in _request
response_code, response_body = self.server_wrapper.request(method, url,
body)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
332, in request
raise exceptions.ConnectionException(None, str(err), None)
ConnectionException: (None, ‘tlsv1 alert unknown ca’, None)
This has been driving me crazy for a while. Another thread recommended
setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
still getting the tlsv1 alert unknown ca error.
edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
SSLCARecovationCheck
SSLCARevocationCheck "chain"
Restart httpd and that fixed a similar issue for me.
-byron
···
On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
>
> Hello,
> I am having trouble running pulp-admin repo list. After I connect to the
> Pulp server and try to run the repo list, I get an error:
>
>
> pulp-admin repo list
> +----------------------------------------------------------------------+
> Repositories
> +----------------------------------------------------------------------+
>
> An error occurred attempting to contact the server. More information can be
> found in the client log file ~/.pulp/admin.log.
>
> [ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
> repo_list =
> self.context.server.repo.repositories(query_params).response_body
> File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py",
> line 34, in repositories
> return self.server.GET(path, query_parameters)
> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
> 92, in GET
> return self._request('GET', path, queries)
> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
> 142, in _request
> response_code, response_body = self.server_wrapper.request(method,
> url, body)
> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
> 332, in request
> raise exceptions.ConnectionException(None, str(err), None)
> ConnectionException: (None, 'tlsv1 alert unknown ca', None)
>
> This has been driving me crazy for a while. Another thread recommended
> setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
> still getting the tlsv1 alert unknown ca error.
>
> Any help would be very much appreciated.
>
Same for me.
The workaround setting option "SSLVerifyClient" from "optional" to
"optional_no_ca" in file "/etc/httpd/conf.d/05-foreman-ssl.conf" is
working, but I don't like that…
Any other idea ?
···
Le jeudi 12 novembre 2015 20:45:13 UTC+1, ian forte a écrit :
>
> Hello,
> I am having trouble running pulp-admin repo list. After I connect to the
> Pulp server and try to run the repo list, I get an error:
>
>
> pulp-admin repo list
> +----------------------------------------------------------------------+
> Repositories
> +----------------------------------------------------------------------+
>
> An error occurred attempting to contact the server. More information can be
> found in the client log file ~/.pulp/admin.log.
>
>
>
I saw that recommendation on another thread but it looks like
SSLCARecovationCheck is missing from my 05-foreman-ssl.conf config.
···
On Thu, Nov 12, 2015 at 12:04 PM, Byron Miller wrote:
Sounds like the error i had.
edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
SSLCARecovationCheck
SSLCARevocationCheck “chain”
Restart httpd and that fixed a similar issue for me.
-byron
On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
Hello,
I am having trouble running pulp-admin repo list. After I connect to the
Pulp server and try to run the repo list, I get an error:
pulp-admin repo list
±---------------------------------------------------------------------+
Repositories
±---------------------------------------------------------------------+
An error occurred attempting to contact the server. More information can
be
found in the client log file ~/.pulp/admin.log.
[ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
repo_list =
self.context.server.repo.repositories(query_params).response_body
File “/usr/lib/python2.6/site-packages/pulp/bindings/repository.py”,
line 34, in repositories
return self.server.GET(path, query_parameters)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
92, in GET
return self._request(‘GET’, path, queries)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
142, in _request
response_code, response_body = self.server_wrapper.request(method,
url, body)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
332, in request
raise exceptions.ConnectionException(None, str(err), None)
ConnectionException: (None, ‘tlsv1 alert unknown ca’, None)
This has been driving me crazy for a while. Another thread recommended
setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
still getting the tlsv1 alert unknown ca error.
···
On Thu, Nov 12, 2015 at 12:04 PM, Byron Miller wrote:
Sounds like the error i had.
edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
SSLCARecovationCheck
SSLCARevocationCheck “chain”
Restart httpd and that fixed a similar issue for me.
-byron
On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
Hello,
I am having trouble running pulp-admin repo list. After I connect to the
Pulp server and try to run the repo list, I get an error:
pulp-admin repo list
±---------------------------------------------------------------------+
Repositories
±---------------------------------------------------------------------+
An error occurred attempting to contact the server. More information can
be
found in the client log file ~/.pulp/admin.log.
[ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
repo_list =
self.context.server.repo.repositories(query_params).response_body
File “/usr/lib/python2.6/site-packages/pulp/bindings/repository.py”,
line 34, in repositories
return self.server.GET(path, query_parameters)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
92, in GET
return self._request(‘GET’, path, queries)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
142, in _request
response_code, response_body = self.server_wrapper.request(method,
url, body)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
332, in request
raise exceptions.ConnectionException(None, str(err), None)
ConnectionException: (None, ‘tlsv1 alert unknown ca’, None)
This has been driving me crazy for a while. Another thread recommended
setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
still getting the tlsv1 alert unknown ca error.
i have exactly the same symptom as you. did you get a solution?
My setup is a fresh install from katello (i tried to deploy it).
···
Le jeudi 12 novembre 2015 21:14:20 UTC+1, ian forte a écrit :
>
> The only SSL directives i have in that file are:
>
> ## SSL directives
> SSLEngine on
> SSLCertificateFile "/etc/pki/katello/certs/katello-apache.crt"
> SSLCertificateKeyFile "/etc/pki/katello/private/katello-apache.key"
> SSLCertificateChainFile "/etc/pki/katello/certs/katello-default-ca.crt"
> SSLCACertificatePath "/etc/pki/tls/certs"
> SSLCACertificateFile "/etc/pki/katello/certs/katello-default-ca.crt"
> SSLVerifyClient optional
> SSLVerifyDepth 3
> SSLOptions +StdEnvVars +ExportCertData
>
>
> On Thu, Nov 12, 2015 at 12:04 PM, Byron Miller > wrote:
>
>> Sounds like the error i had.
>>
>> edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
>> SSLCARecovationCheck
>>
>> # SSLCARevocationCheck "chain"
>>
>> Restart httpd and that fixed a similar issue for me.
>>
>> -byron
>>
>>
>> On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
>>>
>>> Hello,
>>> I am having trouble running pulp-admin repo list. After I connect to
>>> the Pulp server and try to run the repo list, I get an error:
>>>
>>>
>>> pulp-admin repo list
>>> +----------------------------------------------------------------------+
>>> Repositories
>>> +----------------------------------------------------------------------+
>>>
>>> An error occurred attempting to contact the server. More information can
>>> be
>>> found in the client log file ~/.pulp/admin.log.
>>>
>>> [ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
>>> repo_list =
>>> self.context.server.repo.repositories(query_params).response_body
>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py",
>>> line 34, in repositories
>>> return self.server.GET(path, query_parameters)
>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
>>> 92, in GET
>>> return self._request('GET', path, queries)
>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
>>> 142, in _request
>>> response_code, response_body = self.server_wrapper.request(method,
>>> url, body)
>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py", line
>>> 332, in request
>>> raise exceptions.ConnectionException(None, str(err), None)
>>> ConnectionException: (None, 'tlsv1 alert unknown ca', None)
>>>
>>> This has been driving me crazy for a while. Another thread recommended
>>> setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
>>> still getting the tlsv1 alert unknown ca error.
>>>
>>> Any help would be very much appreciated.
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Foreman users" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/foreman-users/WXs_-8fiJ9o/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to
>> foreman-user...@googlegroups.com .
>> To post to this group, send email to forema...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/foreman-users.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
On Thu, Nov 12, 2015 at 12:04 PM, Byron Miller byr...@gmail.com wrote:
Sounds like the error i had.
edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
SSLCARecovationCheck
SSLCARevocationCheck “chain”
Restart httpd and that fixed a similar issue for me.
-byron
On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
Hello,
I am having trouble running pulp-admin repo list. After I connect to
the Pulp server and try to run the repo list, I get an error:
pulp-admin repo list
±---------------------------------------------------------------------+
Repositories
±---------------------------------------------------------------------+
An error occurred attempting to contact the server. More information
can be
found in the client log file ~/.pulp/admin.log.
[ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
repo_list =
self.context.server.repo.repositories(query_params).response_body
File “/usr/lib/python2.6/site-packages/pulp/bindings/repository.py”,
line 34, in repositories
return self.server.GET(path, query_parameters)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
92, in GET
return self._request(‘GET’, path, queries)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
142, in _request
response_code, response_body = self.server_wrapper.request(method,
url, body)
File “/usr/lib/python2.6/site-packages/pulp/bindings/server.py”, line
332, in request
raise exceptions.ConnectionException(None, str(err), None)
ConnectionException: (None, ‘tlsv1 alert unknown ca’, None)
This has been driving me crazy for a while. Another thread recommended
setting verify_ssl to False in the ~/.pulp/admin.conf So I did that but am
still getting the tlsv1 alert unknown ca error.
Successfully logged in. Session certificate will expire at Feb 1 10:19:28
2016
GMT.
But then when i tried somthing like :
pulp-admin tasks list
i get an error with this in log : "ConnectionException: (None, 'tlsv1 alert
unknown ca', None)".
The only workaround is to set option "SSLVerifyClient" from "optional" to
"optional_no_ca" in file "/etc/httpd/conf.d/05-foreman-ssl.conf".
But i think it's not a good idea.
···
Le vendredi 22 janvier 2016 18:33:58 UTC+1, Eric Helms a écrit :
>
> Do you get this error if you supply username and password using pulp-admin?
>
> On Fri, Jan 22, 2016 at 8:51 AM, Lionel Caignec > wrote:
>
>> Hello,
>>
>> i have exactly the same symptom as you. did you get a solution?
>>
>> My setup is a fresh install from katello (i tried to deploy it).
>>
>>
>>
>>
>> Le jeudi 12 novembre 2015 21:14:20 UTC+1, ian forte a écrit :
>>>
>>> The only SSL directives i have in that file are:
>>>
>>> ## SSL directives
>>> SSLEngine on
>>> SSLCertificateFile "/etc/pki/katello/certs/katello-apache.crt"
>>> SSLCertificateKeyFile "/etc/pki/katello/private/katello-apache.key"
>>> SSLCertificateChainFile "/etc/pki/katello/certs/katello-default-ca.crt"
>>> SSLCACertificatePath "/etc/pki/tls/certs"
>>> SSLCACertificateFile "/etc/pki/katello/certs/katello-default-ca.crt"
>>> SSLVerifyClient optional
>>> SSLVerifyDepth 3
>>> SSLOptions +StdEnvVars +ExportCertData
>>>
>>>
>>> On Thu, Nov 12, 2015 at 12:04 PM, Byron Miller wrote:
>>>
>>>> Sounds like the error i had.
>>>>
>>>> edit /etc/httpd.conf/05-foreman-ssl.conf and comment out
>>>> SSLCARecovationCheck
>>>>
>>>> # SSLCARevocationCheck "chain"
>>>>
>>>> Restart httpd and that fixed a similar issue for me.
>>>>
>>>> -byron
>>>>
>>>>
>>>> On Thursday, November 12, 2015 at 1:45:13 PM UTC-6, ian forte wrote:
>>>>>
>>>>> Hello,
>>>>> I am having trouble running pulp-admin repo list. After I connect to
>>>>> the Pulp server and try to run the repo list, I get an error:
>>>>>
>>>>>
>>>>> pulp-admin repo list
>>>>>
>>>>> +----------------------------------------------------------------------+
>>>>> Repositories
>>>>>
>>>>> +----------------------------------------------------------------------+
>>>>>
>>>>> An error occurred attempting to contact the server. More information
>>>>> can be
>>>>> found in the client log file ~/.pulp/admin.log.
>>>>>
>>>>> [ian@katello 05-foreman-ssl.d]$ tail ~/.pulp/admin.log
>>>>> repo_list =
>>>>> self.context.server.repo.repositories(query_params).response_body
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/repository.py",
>>>>> line 34, in repositories
>>>>> return self.server.GET(path, query_parameters)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 92, in GET
>>>>> return self._request('GET', path, queries)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 142, in _request
>>>>> response_code, response_body = self.server_wrapper.request(method,
>>>>> url, body)
>>>>> File "/usr/lib/python2.6/site-packages/pulp/bindings/server.py",
>>>>> line 332, in request
>>>>> raise exceptions.ConnectionException(None, str(err), None)
>>>>> ConnectionException: (None, 'tlsv1 alert unknown ca', None)
>>>>>
>>>>> This has been driving me crazy for a while. Another thread
>>>>> recommended setting verify_ssl to False in the ~/.pulp/admin.conf So I did
>>>>> that but am still getting the tlsv1 alert unknown ca error.
>>>>>
>>>>> Any help would be very much appreciated.
>>>>>
>>>> --
>>>> You received this message because you are subscribed to a topic in the
>>>> Google Groups "Foreman users" group.
>>>> To unsubscribe from this topic, visit
>>>> https://groups.google.com/d/topic/foreman-users/WXs_-8fiJ9o/unsubscribe
>>>> .
>>>> To unsubscribe from this group and all its topics, send an email to
>>>> foreman-user...@googlegroups.com.
>>>> To post to this group, send email to forema...@googlegroups.com.
>>>> Visit this group at http://groups.google.com/group/foreman-users.
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>
>>> --
>> You received this message because you are subscribed to the Google Groups
>> "Foreman users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to foreman-user...@googlegroups.com .
>> To post to this group, send email to forema...@googlegroups.com
>> .
>> Visit this group at https://groups.google.com/group/foreman-users.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Eric D. Helms
> Red Hat Engineering
> Ph.D. Student - North Carolina State University
>