ERF50-5345 » History » Version 2
Lukas Zapletal, 01/17/2022 01:25 PM
ERF50-5345
1 | 1 | El Joppa | h1. ERF50-5345 |
---|---|---|---|
2 | |||
3 | Make sure SSL is enabled in foreman-proxy: |
||
4 | |||
5 | <pre> |
||
6 | :enabled: https |
||
7 | </pre> |
||
8 | 2 | Lukas Zapletal | |
9 | In some cases the Foreman web interface fails to list the host certificates in the "infrastucture"=>"Puppet CA" section. Instead of listing the host certificates it may show the following error: |
||
10 | |||
11 | Failure: ERF50-5345 [Foreman::WrappedException]: Unable to connect ([ProxyAPI::ProxyException]: ERF12-5356 [ProxyAPI::ProxyException]: Unable to get PuppetCA certificates ([RestClient::NotAcceptable]: 406 Not Acceptable) for proxy ... |
||
12 | |||
13 | This is most likely due to missing sudo permissions for the local user foreman-proxy. Make sure that |
||
14 | |||
15 | 1. The sudo permissions are correct, ie the file /etc/sudoers.d/foreman-proxy contains |
||
16 | |||
17 | foreman-proxy ALL = (root) NOPASSWD : /opt/puppetlabs/bin/puppetserver ca * |
||
18 | Defaults:foreman-proxy !requiretty |
||
19 | |||
20 | 2. The sudo permissions apply for local users, ie /etc/security/access.conf contains |
||
21 | |||
22 | +:ALL:LOCAL |