Project

General

Profile

ERF50-5345 » History » Version 2

Lukas Zapletal, 01/17/2022 01:25 PM
ERF50-5345

1 1 El Joppa
h1. ERF50-5345
2
3
Make sure SSL is enabled in foreman-proxy:
4
5
<pre>
6
:enabled: https
7
</pre>
8 2 Lukas Zapletal
9
In some cases the Foreman web interface fails to list the host certificates in the "infrastucture"=>"Puppet CA" section. Instead of listing the host certificates it may show the following error:
10
11
    Failure: ERF50-5345 [Foreman::WrappedException]: Unable to connect ([ProxyAPI::ProxyException]: ERF12-5356 [ProxyAPI::ProxyException]: Unable to get PuppetCA certificates ([RestClient::NotAcceptable]: 406 Not Acceptable) for proxy ...
12
13
This is most likely due to missing sudo permissions for the local user foreman-proxy. Make sure that
14
15
1. The sudo permissions are correct, ie the file /etc/sudoers.d/foreman-proxy contains
16
17
       foreman-proxy ALL = (root) NOPASSWD : /opt/puppetlabs/bin/puppetserver ca *
18
       Defaults:foreman-proxy !requiretty
19
20
2. The sudo permissions apply for local users, ie /etc/security/access.conf contains
21
22
       +:ALL:LOCAL