Project

General

Profile

Actions
Copy link

Bug #11144

closed

foreman-proxy cannot find puppet.cert - use incorrect cert name (i think by default)

Added by Aleksei Yamschikov almost 10 years ago. Updated almost 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

After i recreate puppet CA cert i get problem with foreman-proxy 

No such file or directory - /var/lib/puppet/ssl/certs/puppet.pem

Trace:
Errno::ENOENT
No such file or directory - /var/lib/puppet/ssl/certs/puppet.pem
lib/proxy_api/resource.rb:19:in `read'
lib/proxy_api/resource.rb:19:in `initialize'
lib/proxy_api/puppetca.rb:5:in `initialize'
app/services/smart_proxies/puppet_ca.rb:19:in `new'
app/services/smart_proxies/puppet_ca.rb:19:in `all'
app/services/smart_proxies/puppet_ca.rb:36:in `find_by_state'
app/controllers/puppetca_controller.rb:8:in `index'
app/models/concerns/foreman/thread_session.rb:33:in `clear_thread'
lib/middleware/catch_json_parse_errors.rb:9:in `call'

in /etc/foreman-proxy/settings.d/foreman_proxy.yml all seems fine

---
### File managed with puppet ###
## Module:           'foreman_proxy'

:settings_directory: /etc/foreman-proxy/settings.d

# SSL Setup

# if enabled, all communication would be verfied via SSL
# NOTE that both certificates need to be signed by the same CA in order for this to work
# see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information
:ssl_ca_file: /var/lib/puppet/ssl/certs/ca.pem
:ssl_certificate: /var/lib/puppet/ssl/certs/puppet.mydomain.com.pem
:ssl_private_key: /var/lib/puppet/ssl/private_keys/puppet.mydomain.com.pem

but in log when i restart foreman-proxy i see 

I, [2015-07-17T11:06:44.983418 #26094]  INFO -- : 'foreman_proxy' settings were initialized with default values: :enabled: true
I, [2015-07-17T11:10:29.119169 #26415]  INFO -- : 'puppet' settings were initialized with default values: :puppet_provider: puppetrun, :puppetdir: /etc/puppet

In /etc/foreman-proxy/settings.d/puppet.yml also correct path to certificate

# URL of the puppet master itself for API requests                                                                                                                                                                                            
:puppet_url: https://puppet.mydomain.com:8140                                                                                                                                                                                                
# SSL certificates used to access the puppet master API                                                                                                                                                                                       
:puppet_ssl_ca: /var/lib/puppet/ssl/certs/ca.pem                                                                                                                                                                                              
:puppet_ssl_cert: /var/lib/puppet/ssl/certs/puppet.mydomain.com.pem                                                                                                                                                                          
:puppet_ssl_key: /var/lib/puppet/ssl/private_keys/puppet.mydomain.com.pem

Why in Foreman Web interface i see "No such file or directory - /var/lib/puppet/ssl/certs/puppet.pem"?
Where i can setup this option?
Now i cannot remove and readd foreman_proxy, and i cannot import changes in modules.

Actions
Copy link

Also available in: Atom PDF