Actions
Bug #4790
closedforeman-installer does not preserve case when generating Apache SSL cert
Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Description
Setup
OS: Ubuntu 12.04 (Precise)
Hostname: foremanDEV.gateway.2wire.net
Running foreman-installer generates the following errors:
[ERROR 2014-03-23 16:05:03 main] /Stage[main]/Apache::Service/Service[httpd]: Failed to call refresh: Could not start Service[httpd]: Execution of '/etc/init.d/apache2 start' returned 1: at /usr/share/foreman-installer/modules/apache/manifests/service.pp:34 [ERROR 2014-03-23 16:05:11 main] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foremanDEV.gateway.2wire.net]: Could not evaluate: Connection refused - connect(2)
More information about the error is found when manually attempting to start Apache:
# /etc/init.d/apache2 start * Starting web server apache2 Syntax error on line 38 of /etc/apache2/sites-enabled/05-foreman-ssl.conf: SSLCertificateFile: file '/var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem' does not exist or is empty Action 'start' failed. The Apache error log may have more information.
The server name and cert files are correct in the .conf file
ServerName foremanDEV.gateway.2wire.net SSLCertificateFile /var/lib/puppet/ssl/certs/foremanDEV.gateway.2wire.net.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/foremanDEV.gateway.2wire.net.pem
However, the filenames of the generated cert files are incorrectly cased
# ls /var/lib/puppet/ssl/certs ca.pem foremandev.gateway.2wire.net.pem # ls /var/lib/puppet/ssl/private_keys foremandev.gateway.2wire.net.pem
Updated by Dominic Cleal over 10 years ago
- Is duplicate of Bug #4679: Upper or mixed case hostnames fail as SSL certs are lower case added
Updated by Dominic Cleal over 10 years ago
- Status changed from New to Duplicate
Thanks for the report, we've got #4679 for this. This seems to be a Puppet feature, since we use its certificate authority - perhaps as certificate hostname matching is usually case insensitive (AIUI)?
The correct thing for us to do is probably downcase the hostname when we add it to the Apache configuration so it refers to the correct filename.
Actions