Foreman » Smart Proxy

I upgraded recently from Foreman 1.8.0 to 1.8.1 and from Puppet 3.7 to Puppet 3.8.1 (on Ubuntu 14.04). When I restart the server, I get the following error when trying to display certificates in the webui:

ERF12-5356 [ProxyAPI::ProxyException]: Impossible d'obtenir les certificats PuppetCA ([RestClient::NotAcceptable]: 406 Not Acceptable) pour le proxy https://puppet.cptaq.local:8443/puppet/ca

Here's the log of foreman-proxy:

I, [2015-05-29T13:00:28.212261 #1054]  INFO -- : Running scan_directory on test: /usr/share/puppet/modules
10.17.80.5 - - [29/May/2015 13:00:28] "GET /puppet/environments/test/classes HTTP/1.1" 200 92433 4.7505
D, [2015-05-29T13:04:14.858340 #1054] DEBUG -- : verifying remote client 10.17.80.5 against trusted_hosts ["puppet.cptaq.local"]
D, [2015-05-29T13:04:14.859141 #1054] DEBUG -- : Found puppetca at /usr/bin/puppet
D, [2015-05-29T13:04:14.859232 #1054] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2015-05-29T13:04:14.859277 #1054] DEBUG -- : Executing /usr/bin/sudo -S /usr/bin/puppet cert --ssldir /var/lib/puppet/ssl --list --all
W, [2015-05-29T13:04:15.276960 #1054]  WARN -- : Failed to run puppetca:
E, [2015-05-29T13:04:15.278112 #1054] ERROR -- : Failed to list certificates: Execution of puppetca failed, check log files
10.17.80.5 - - [29/May/2015 13:04:15] "GET /puppet/ca HTTP/1.1" 406 74 0.4209
D, [2015-05-29T13:04:15.472967 #1054] DEBUG -- : verifying remote client 10.17.80.5 against trusted_hosts ["puppet.cptaq.local"]
D, [2015-05-29T13:04:15.473276 #1054] DEBUG -- : Found puppetca at /usr/bin/puppet
D, [2015-05-29T13:04:15.473382 #1054] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2015-05-29T13:04:15.473421 #1054] DEBUG -- : Executing /usr/bin/sudo -S /usr/bin/puppet cert --ssldir /var/lib/puppet/ssl --list --all
W, [2015-05-29T13:04:15.837424 #1054]  WARN -- : Failed to run puppetca:
E, [2015-05-29T13:04:15.838496 #1054] ERROR -- : Failed to list certificates: Execution of puppetca failed, check log files

If I simply restart the foreman-proxy service, everything works fine. Here's the log:

10.17.80.5 - - [29/May/2015 13:04:15] "GET /puppet/ca HTTP/1.1" 406 74 0.3663
W, [2015-05-29T13:06:11.993819 #8093]  WARN -- : Couldn't find settings file /etc/foreman-proxy/settings.d/foreman_proxy.yml. Using default settings.
I, [2015-05-29T13:06:11.993979 #8093]  INFO -- : 'foreman_proxy' settings were initialized with default values: :enabled: true
I, [2015-05-29T13:06:11.997012 #8093]  INFO -- : 'facts' module is disabled.
I, [2015-05-29T13:06:11.997477 #8093]  INFO -- : 'dns' module is disabled.
I, [2015-05-29T13:06:11.997749 #8093]  INFO -- : 'templates' module is disabled.
I, [2015-05-29T13:06:12.001059 #8093]  INFO -- : 'dhcp' module is disabled.
I, [2015-05-29T13:06:12.328149 #8093]  INFO -- : 'puppet' settings were initialized with default values: :cache_location: /usr/share/foreman-proxy/cache, :puppet_provider: puppetrun, :puppetdir: /etc/puppet, :salt_puppetrun_cmd: puppet.run, :use_cache: true
I, [2015-05-29T13:06:12.330752 #8093]  INFO -- : 'bmc' module is disabled.
I, [2015-05-29T13:06:12.331117 #8093]  INFO -- : 'realm' module is disabled.
D, [2015-05-29T13:06:16.287769 #8098] DEBUG -- : verifying remote client 10.17.80.5 against trusted_hosts ["puppet.cptaq.local"]
D, [2015-05-29T13:06:16.290139 #8098] DEBUG -- : Found puppetca at /usr/bin/puppet
D, [2015-05-29T13:06:16.290256 #8098] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2015-05-29T13:06:16.290314 #8098] DEBUG -- : Executing /usr/bin/sudo -S /usr/bin/puppet cert --ssldir /var/lib/puppet/ssl --list --all
10.17.80.5 - - [29/May/2015 13:06:17] "GET /puppet/ca HTTP/1.1" 200 3908 1.0886

sudoers file:

root@puppet:/etc/puppet/environments/production/modules# cat /etc/sudoers.d/foreman-proxy
foreman-proxy ALL = (root) NOPASSWD : /usr/bin/puppet cert *
foreman-proxy ALL = (root) NOPASSWD : /usr/bin/puppet kick *
Defaults:foreman-proxy !requiretty