Capsule should listen for RHSM requests on port 443, like Satellite does
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1288817
Description of problem:
While Satellite listens for RHSM requests (of clients machine registered to it) on port 443, an external Capsule (offering just a subset of Satellite functionality) has separate port 8443 dedicated for it.
This is confusing and can easily introduce registration issues - in fact it already happened and believe me it is nontrivial to investigate why client host fails to register to Capsule (if trying to connect to port 443 that sounds logically correct but wrong due to wrong rhsm.conf setting).
Moving the listening port back to 443 will gain these pros:
- logical coherence where any client machine within Satellite deployment registers to - this prevents misconfiguration issues due to lack of knowing the exception / rule with port 8443
- simplified firewall setting
- simplified POSTIN script in katello-ca-consumer RPM
Version-Release number of selected component (if applicable):
Sat 6.1.4 (i fact any Sat6)
Steps to Reproduce:
1. Install Sat, Caps, register content host to Sat and to Caps
2. Check what port the clients use for RHSM communication (i.e. rhsm.conf on clients)
clients registered to Sat talk via port 443
clients registered to Caps talk via port 8443
any client to talk to its "server" (Sat or Caps) via port 443
Once implemented, documentation needs to be updated - at least firewall setting
#2 Updated by Ewoud Kohl van Wijngaarden over 4 years ago
https://github.com/Katello/puppet-foreman_proxy_content/blob/3a1118deb9104e167c754aa57914eb8894cb54e9/manifests/init.pp#L211-L213 does does a similar thing, but only proxies certain URLs. Can't we expand that to include the RHSM URLs? See https://github.com/Katello/puppet-foreman_proxy_content/blob/3a1118deb9104e167c754aa57914eb8894cb54e9/templates/_pulp_gpg_proxy.erb as well.