Project

General

Profile

Bug #9093

Foreman client cert needs deploying to Capsules

Added by Stephen Benjamin over 7 years ago. Updated almost 4 years ago.

Status:
Duplicate
Priority:
Normal
Category:
Installer
Target version:
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

settings.yml for the foreman proxy needs separate certificates to talk to Foreman as a client (luckily we create the RPM and it even ends up on the capsule, we just don't do anything with it).

Otherwise when using the templates plugin, proxy can't request it over SSL as it's Proxy certificate is only a Server certificate.

SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL3 alert read:fatal:unsupported certificate
SSL_connect:failed in SSLv3 read server session ticket A
139936624129864:error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert unsupported certificate:s3_pkt.c:1257:SSL alert number 43
139936624129864:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:

Related issues

Related to Katello - Tracker #8172: Isolate Client Communication through a CapsuleNew

Blocks Katello - Feature #8991: Support templates plugin in CapsuleClosed2015-01-16

History

#1 Updated by Stephen Benjamin over 7 years ago

  • Related to Tracker #8172: Isolate Client Communication through a Capsule added

#2 Updated by Stephen Benjamin over 7 years ago

  • Blocks Feature #8991: Support templates plugin in Capsule added

#3 Updated by Stephen Benjamin over 7 years ago

  • Status changed from New to Duplicate

#4 Updated by Eric Helms over 7 years ago

  • Target version set to 63

#5 Updated by Eric Helms over 7 years ago

  • Triaged changed from No to Yes

#6 Updated by Eric Helms about 7 years ago

  • Legacy Backlogs Release (now unused) set to 23

#7 Updated by Eric Helms about 7 years ago

  • Legacy Backlogs Release (now unused) deleted (23)

#8 Updated by Eric Helms almost 6 years ago

  • Legacy Backlogs Release (now unused) set to 166

Also available in: Atom PDF