Bug #18573
closed
yum fails to pull repo data (pulp: 403 Forbidden)
Description
I have central foreman server and capsule registered to it
data sync to capsule works
when I register client to capsule it fails to pull repo data
error looks like
.../repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden
if I edit /etc/pulp/repo_auth.conf
[main]
enabled: false
yum starts to work
Updated by Karlis Melderis almost 8 years ago
message from foreman-ssl_error_ssl.log in foreman server
[Mon Feb 20 21:48:19.524439 2017] [:error] [pid 5333] [remote 10.11.0.236:4] Request denied to destination [/pulp/content/var/www/pub/yum/https/repos/DEMO/WordPress_AWS_demo/WordPress_AWS_demo_DEFAULT/custom/Centos_7/centos7_x64_base/repodata/repomd.xml]Client certificate failed extension check for destination: /pulp/content/var/www/pub/yum/https/repos/DEMO/WordPress_AWS_demo/WordPress_AWS_demo_DEFAULT/custom/Centos_7/centos7_x64_base/repodata/repomd.xml
message in /var/log/messages in foreman server
Feb 20 22:48:19 demo-amv-auui02 pulp: pulp.server.content.web.views:INFO: Denying demo-amv-auui02.demo.local access to /var/lib/pulp/published/yum/master/yum_distributor/DEMO-WordPress_AWS_demo-WordPress_AWS_demo_DEFAULT-Centos_7-centos7_x64_base/1487605216.52/repodata/repomd.xml because one or more authenticators failed.
IP 10.11.0.236 is capsule
demo-amv-auui02.demo.local - foreman server
if I register directly to foreman server all works as expected
Updated by Karlis Melderis almost 8 years ago
we can close the case.
I pulled down certificate RPM via https and it got redirected to central server.
Thus cert for central server got installed not one from capsule.
if I use http to pull down rpm all is good.
Updated by Justin Sherrill almost 8 years ago
- Category set to Foreman Proxy Content
- Status changed from New to Rejected
- Translation missing: en.field_release set to 166