Bug #19450: Failed to show puppet environment: SSL_CTX_use_PrivateKey - Katello - Foreman

Actions

Copy link

Bug #19450

closed

Failed to show puppet environment: SSL_CTX_use_PrivateKey

Added by Sophian Mehboub over 7 years ago. Updated over 6 years ago.

Status:

Rejected

Priority:

Normal

Assignee:

Category:

Installer

Target version:

Katello Recycle Bin

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

Hello Everybody,

I do

curl -vs --key /etc/foreman-proxy/foreman_ssl_key.pem --cacert /etc/foreman-proxy/foreman_ssl_ca.pem --cert /etc/foreman-proxy/foreman_ssl_cert.pem https://puppet.example.com:9090/features

It works well

and when i do

curl -vs --key /etc/foreman-proxy/foreman_ssl_key.pem --cacert /etc/foreman-proxy/foreman_ssl_ca.pem --cert /etc/foreman-proxy/foreman_ssl_cert.pem https://puppet.example.com:9090/puppet/environments

I get this error

Failed to list puppet environments: SSL_CTX_use_PrivateKey: key values mismatch

Can anyone help me ?

CentOS Linux release 7.2.1511
puppetserver-2.7.2-1
puppet-agent-1.10.0-1
foreman-proxy-1.14.3-1
foreman-proxy-content-3.3.1-1

I have foreman smart proxy with katello, and a smart proxy with puppetca and master
I have the same result from puppet.example.com or katello.example.com

Actions

Copy link

Updated by Dominic Cleal over 7 years ago

Tracker changed from Bug to Support
Project changed from Foreman to Smart Proxy

This may indicate a misconfiguration of the SSL certificate and key used to access the Puppet server API, check that the certificate and private key referred to in /etc/foreman-proxy/settings.d/puppet_proxy_puppet_api.yml are the correct pair. The OpenSSL error indicates they don't match.

(Check other keys/certs used by the smart proxy, but in all likelihood it's those when using the Puppet API.)

Please prefer the mailing list or IRC channel for support queries, see https://theforeman.org/support.html for details.

Actions

Copy link