Project

General

Profile

Actions
Copy link

Bug #20242

closed

certain subscriptions cause client cert to not be used (forbidden)

Added by Justin Sherrill over 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Justin Sherrill
Category:
Subscriptions
Target version:
Katello 3.4.4
Difficulty:
easy
Triaged:
Bugzilla link:
Pull request:
https://github.com/Katello/katello/pull/6859
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

A user on irc reported getting forbidden when tryin to sync the cdn. Refreshing the manifest or importing it had not fixed the problem.

Upon further inspection it seemed like katello was using a nil entitlement certificate:

> Katello::Product.find(16).name
"Red Hat Enterprise Linux Server" 

> Katello::Product.find(16).product_certificate
nil

this code here:

https://github.com/Katello/katello/blob/master/app/lib/katello/resources/candlepin.rb#L675-L679

            product_subscription = subscriptions.find do |sub|
              sub["product"]["id"] == id ||
                sub["providedProducts"].any? { |provided| provided["id"] == id } ||
                sub["derivedProvidedProducts"].any? { |provided| provided["id"] == id }
            end

was finding this product:

=> {"product"=>{"id"=>"RH00003S"}, "providedProducts"=>[{"id"=>"180"}, {"id"=>"127"}, {"id"=>"273"}, {"id"=>"274"}, {"id"=>"205"}, {"id"=>"272"}, {"id"=>"240"}, {"id"=>"93"}, {"id"=>"86"}, {"id"=>"182"}, {"id"=>"91"}, {"id"=>"317"}, {"id"=>"69"}, {"id"=>"133"}, {"id"=>"176"}, {"id"=>"201"}, {"id"=>"246"}, {"id"=>"70"}, {"id"=>"84"}, {"id"=>"271"}, {"id"=>"318"}], "derivedProvidedProducts"=>[], "certificate"=>nil}

whch corresponded with "Red Hat Enterprise Linux Server, Premium (Physical or Virtual Nodes)".

I am not sure why it has no certificate on it though.

Actions
Copy link

Also available in: Atom PDF