Feature #21730

Add check to verify if any empty CA request files exist on satellite

Added by Kavita Gaikwad 6 months ago. Updated 4 months ago.

Status:New
Priority:Normal
Assigned To:Kavita Gaikwad
Category:-
Target version:Foreman - Team Anurag backlog
Difficulty: Bugzilla link:1437580
Found in release: Pull request:https://github.com/theforeman/foreman_maintain/pull/130
Story points-
Velocity based estimate-

Description

Description of problem:

Puppet Master Issue / CA issue:

When Satellite have one empty CA file, customer will receive the message according below
---
Failure: ERF50-5345 [Foreman::WrappedException]: Unable to connect ([ProxyAPI::ProxyException]: ERF12-5356 [ProxyAPI::ProxyException]: Unable to get PuppetCA certificates ([RestClient...)
---

Version-Release number of selected component (if applicable):
6.2.8

How reproducible:
100%

Steps to Reproduce:
1. Create one empty file inside "/var/lib/puppet/ssl/ca/requests/test.pem"
2. Execute the command "/usr/bin/puppet cert --ssldir /var/lib/puppet/ssl --list --all"

Actual results:
Error
---
[root@satellite6 log]# /usr/bin/puppet cert --ssldir /var/lib/puppet/ssl --list --all
Error: header too long
[root@satellite6 log]#
---

Expected results:
See all certificates

Additional info:

Also, provide a step to delete those empty files.

History

#1 Updated by Kavita Gaikwad 5 months ago

  • Subject changed from Add check to verify if any empty CA files exist on satellite to Add check to verify if any empty CA request files exist on satellite

#2 Updated by The Foreman Bot 5 months ago

  • Pull request https://github.com/theforeman/foreman_maintain/pull/130 added

Also available in: Atom PDF