foreman-installer does not preserve case when generating Apache SSL cert
OS: Ubuntu 12.04 (Precise)
Running foreman-installer generates the following errors:
[ERROR 2014-03-23 16:05:03 main] /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' returned 1: at /usr/share/foreman-installer/modules/apache/manifests/service.pp:34 [ERROR 2014-03-23 16:05:11 main] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foremanDEV.gateway.2wire.net]: Could not evaluate: Connection refused - connect(2)
More information about the error is found when manually attempting to start Apache:
# /etc/init.d/apache2 start * Starting web server apache2 Syntax error on line 38 of /etc/apache2/sites-enabled/05-foreman-ssl.conf: SSLCertificateFile: file '/var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem' does not exist or is empty Action 'start' failed. The Apache error log may have more information.
The server name and cert files are correct in the .conf file
ServerName foremanDEV.gateway.2wire.net SSLCertificateFile /var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/foremanDEV.gateway.2wire.net.pem
However, the filenames of the generated cert files are incorrectly cased
# ls /var/lib/puppet/ssl/certs ca.pem foremandev.gateway.2wire.net.pem # ls /var/lib/puppet/ssl/private_keys foremandev.gateway.2wire.net.pem
#2 Updated by Dominic Cleal over 5 years ago
- Status changed from New to Duplicate
Thanks for the report, we've got #4679 for this. This seems to be a Puppet feature, since we use its certificate authority - perhaps as certificate hostname matching is usually case insensitive (AIUI)?
The correct thing for us to do is probably downcase the hostname when we add it to the Apache configuration so it refers to the correct filename.