Project

General

Profile

Feature #17367

Capsule should listen for RHSM requests on port 443, like Satellite does

Added by Stephen Benjamin about 3 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Installer
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1288817
Description of problem:
While Satellite listens for RHSM requests (of clients machine registered to it) on port 443, an external Capsule (offering just a subset of Satellite functionality) has separate port 8443 dedicated for it.

This is confusing and can easily introduce registration issues - in fact it already happened and believe me it is nontrivial to investigate why client host fails to register to Capsule (if trying to connect to port 443 that sounds logically correct but wrong due to wrong rhsm.conf setting).

Moving the listening port back to 443 will gain these pros:
- logical coherence where any client machine within Satellite deployment registers to - this prevents misconfiguration issues due to lack of knowing the exception / rule with port 8443
- simplified firewall setting
- simplified POSTIN script in katello-ca-consumer RPM

Version-Release number of selected component (if applicable):
Sat 6.1.4 (i fact any Sat6)

How reproducible:
100%

Steps to Reproduce:
1. Install Sat, Caps, register content host to Sat and to Caps
2. Check what port the clients use for RHSM communication (i.e. rhsm.conf on clients)

Actual results:
clients registered to Sat talk via port 443
clients registered to Caps talk via port 8443

Expected results:
any client to talk to its "server" (Sat or Caps) via port 443

Additional info:
Once implemented, documentation needs to be updated - at least firewall setting


Related issues

Related to Katello - Bug #12646: Isolated Reverse proxy exposes all of Katello/ForemanNew

History

#1 Updated by Justin Sherrill about 3 years ago

  • Subject changed from Capsule should listen for RHSM requests on port 443, like Satellite does to Capsule should listen for RHSM requests on port 443, like Satellite does
  • Legacy Backlogs Release (now unused) set to 114

#3 Updated by Stephen Benjamin over 1 year ago

  • Related to Bug #12646: Isolated Reverse proxy exposes all of Katello/Foreman added

Also available in: Atom PDF