Problem:
Is there any information on how to import the katello-ca-consumer to a Ubuntu instance?
Something like wget --no-check-certificate https://foreman.host.net/pub/katello-server-ca.crt | sudo apt-key add - fails with gpg: no valid OpenPGP data found.
Expected outcome:
Able to import ca certificate for provisioning.
Foreman and Proxy versions:
Forman version 2.3.3
Katello 3.18
Distribution and version:
Centos 7
Ubuntu 20.04
To clarify if i run:
subscription-manager register --org=“Default_Organization” --activationkey=“Ubuntu 20.04”
Then i get the error:
Unable to verify server’s identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get issuer certificate (_ssl.c:1123)
Which means that the CA certificate is not installed, I tried putting the katello-ca cert in /usr/local/share/ca-certificates/ then run sudo update-ca-certificates but it’s still not used when running subscription-manager
Hi @pqvindesland !
The /content_hosts/register page on your Katello instance has some special instructions for Deb/Ubuntu that you should try out:
wget --no-check-certificate -O katello-rhsm-consumer https://katello.example.com/pub/katello-rhsm-consumer
/bin/bash -x katello-rhsm-consumer 2< /root/katello-rhsm-consumer.log
Hopefully that’ll do the trick for you.
Many thanks that worked, I had a look and those instructions are not there on Foreman 2.3.3, is that included in 2.4.0?
You’re welcome! My apologies, I forgot those steps were so new. They should be in Foreman 2.4 / Katello 4.0
Glad it’s working now 