Problem:
Unable to register hosts after uploading custom certificate
Expected outcome:
successfully register to Foreman/Katello
Foreman and Proxy versions:
3.6.1
Foreman and Proxy plugin versions:
3.6.1 / katello 4.8
Distribution and version:
RHEL 8
Other relevant data:
Getting following error when running registration curl script on hosts after uploading with custom certificate:
Running registration
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-
: manager
Error loading certificate: [Errno 2] No such file or directory: ā/etc/pki/consumer/cert.pemā
Loading mirror speeds from cached hostfile
Hi @ericville
On the client there should be this CA /etc/rhsm/ca/katello-server-ca.pem
can you run openssl x509 -in /etc/rhsm/ca/katello-server-ca.pem -noout -text
and confirm if that matches the new custom cert and ca you have updated the Foreman instance with?
@ericville Could you tell us more about what you did? Iām experiencing a similar problem.
Today Iāve updated the Apache web server certificate (on the foreman server). After oing that Iāve noticed that some VM registered to Foreman server are unable to register or do a yum repolist
I ran the command and it does not look like the certificates match, however I did enable āInsecureā when generating the curl script for registration, so I would think that shouldnāt matter.
Iām also getting the following error as well -
Error loading certificate: [Errno 2] No such file or directory: ā/etc/pki/consumer/cert.pemā
If I remove the certificates and use the self signed, then Iām able to register successfully.
Thanks,
@atarallo
I followed the documentation on deploying a custom certificate to foreman server, and am now unable to register any hosts, where I was able to when using the self signed cert.
Not sure if there is another step Iām missingā¦
Also when following the steps in the documentation to deploy the custom certificate to hosts, and running the āāyum install http://foreman.example.com/pub/katello-ca-consumer-latest.noarch.rpmāā command, I get the following error:
Error loading certificate: [Errno 2] No such file or directory: ā/etc/pki/consumer/cert.pemā
@ericville
On the client can you email me the /var/log/rhsm.log
file and output of ls /etc/pki/consumer/
to chrobert@redhat.com so I can look at the rhsm client log?
just emailed the log to you, and the ls command showed the /etc/pki/consumer/ directory as empty.
Thanks,
Finally got this working. Was a bad custom certificate.
Thanks,
Hey @ericville
Sorry for the delay, I have been out sick this week. I just got back this morning and was testing it. Glad you got it figured out. I will stop my investigation and again sorry for the delay.
1 Like