Project

General

Profile

Actions

Bug #4790

closed

foreman-installer does not preserve case when generating Apache SSL cert

Added by Anya Marshall over 10 years ago. Updated over 10 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Setup
OS: Ubuntu 12.04 (Precise)
Hostname: foremanDEV.gateway.2wire.net

Running foreman-installer generates the following errors:

[ERROR 2014-03-23 16:05:03 main]  /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' returned 1:  at /usr/share/foreman-installer/modules/apache/manifests/service.pp:34
[ERROR 2014-03-23 16:05:11 main]  /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foremanDEV.gateway.2wire.net]: Could not evaluate: Connection refused - connect(2)

More information about the error is found when manually attempting to start Apache:

# /etc/init.d/apache2 start
 * Starting web server apache2
Syntax error on line 38 of /etc/apache2/sites-enabled/05-foreman-ssl.conf:
SSLCertificateFile: file '/var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem' does not exist or is empty
Action 'start' failed.
The Apache error log may have more information.

The server name and cert files are correct in the .conf file

ServerName foremanDEV.gateway.2wire.net
SSLCertificateFile      /var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem
SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/foremanDEV.gateway.2wire.net.pem

However, the filenames of the generated cert files are incorrectly cased

# ls /var/lib/puppet/ssl/certs
ca.pem    foremandev.gateway.2wire.net.pem

# ls /var/lib/puppet/ssl/private_keys
foremandev.gateway.2wire.net.pem


Related issues 1 (0 open1 closed)

Is duplicate of Installer - Bug #4679: Upper or mixed case hostnames fail as SSL certs are lower caseClosed03/17/2014Actions
Actions #1

Updated by Dominic Cleal over 10 years ago

  • Is duplicate of Bug #4679: Upper or mixed case hostnames fail as SSL certs are lower case added
Actions #2

Updated by Dominic Cleal over 10 years ago

  • Status changed from New to Duplicate

Thanks for the report, we've got #4679 for this. This seems to be a Puppet feature, since we use its certificate authority - perhaps as certificate hostname matching is usually case insensitive (AIUI)?

The correct thing for us to do is probably downcase the hostname when we add it to the Apache configuration so it refers to the correct filename.

Actions

Also available in: Atom PDF