Project

General

Profile

Bug #4790

foreman-installer does not preserve case when generating Apache SSL cert

Added by Anya Marshall over 5 years ago. Updated over 5 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

Setup
OS: Ubuntu 12.04 (Precise)
Hostname: foremanDEV.gateway.2wire.net

Running foreman-installer generates the following errors:

[ERROR 2014-03-23 16:05:03 main]  /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' returned 1:  at /usr/share/foreman-installer/modules/apache/manifests/service.pp:34
[ERROR 2014-03-23 16:05:11 main]  /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foremanDEV.gateway.2wire.net]: Could not evaluate: Connection refused - connect(2)

More information about the error is found when manually attempting to start Apache:

# /etc/init.d/apache2 start
 * Starting web server apache2
Syntax error on line 38 of /etc/apache2/sites-enabled/05-foreman-ssl.conf:
SSLCertificateFile: file '/var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem' does not exist or is empty
Action 'start' failed.
The Apache error log may have more information.

The server name and cert files are correct in the .conf file

ServerName foremanDEV.gateway.2wire.net
SSLCertificateFile      /var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem
SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/foremanDEV.gateway.2wire.net.pem

However, the filenames of the generated cert files are incorrectly cased

# ls /var/lib/puppet/ssl/certs
ca.pem    foremandev.gateway.2wire.net.pem

# ls /var/lib/puppet/ssl/private_keys
foremandev.gateway.2wire.net.pem


Related issues

Is duplicate of Installer - Bug #4679: Upper or mixed case hostnames fail as SSL certs are lower caseClosed2014-03-17

History

#1 Updated by Dominic Cleal over 5 years ago

  • Is duplicate of Bug #4679: Upper or mixed case hostnames fail as SSL certs are lower case added

#2 Updated by Dominic Cleal over 5 years ago

  • Status changed from New to Duplicate

Thanks for the report, we've got #4679 for this. This seems to be a Puppet feature, since we use its certificate authority - perhaps as certificate hostname matching is usually case insensitive (AIUI)?

The correct thing for us to do is probably downcase the hostname when we add it to the Apache configuration so it refers to the correct filename.

Also available in: Atom PDF