Project

General

Profile

Bug #34264

ssl error when upgrading from foreman 3.0.1 to 3.1.0

Added by Brian Frost 4 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

When running foreman-installer to complete the upgrade from 3.0.1 to 3.1.0, the following error occurs.

2022-01-14 08:53:13 [ERROR ] [configure] /Stage[main]/Foreman::Register/Foreman_host[foreman-XXXXXXXXX]: Could not evaluate: Exception SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain) in get request to: https://XXXXXXXX/api/v2/hosts?search=name%3D%22XXXXXXXX%22
2022-01-14 08:53:13 [ERROR ] [configure] Wrapped exception:
2022-01-14 08:53:13 [ERROR ] [configure] SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)

To work around this issue, file /usr/share/foreman-installer/modules/foreman/lib/puppet/provider/foreman_resource/rest_v3.rb line 50 was changed from:

:ca_file            => resource[:ssl_ca]

to

:ca_file            => '/etc/pki/katello/certs/katello-server-ca.crt'

per discussion thread at https://community.theforeman.org/t/could-not-evaluate-exception-ssl-connect-returned-1-errno-0-state-error-certificate-verify-failed-self-signed-certificate-in-certificate-chain/26338/6

Please assign to appropriate team to investigate and resolve.

Also available in: Atom PDF