Little late to the party here. My understanding: You have 2 Foreman servers you're trying to LB, but when you connect to them w/ a Smart Proxy, you get this SSL error. You changed something in the answer-file and re-ran the installer.
Let's start with the easy stuff. Assuming this is RHEL/CentOS on the Foreman server: grep -i servername /etc/httpd/conf.d/*foreman* grep -i SSL /etc/httpd/conf.d/*foreman* You should see foremandv.example.com as the ServerName, and the correct certs in 05-foreman-ssl.conf. If those two look correct you should able to connect to Foreman via your web browser & the LB (make sure it shows the right certs!). If those two are correct and you're getting the errors you posted on the Smart Proxy (and it looks like they are Smart Proxy errors), that tells me the Smart Proxy isn't configured w/ the correct CA cert, so it cannot validate the certs the Foreman server is presenting. -Chris On Tuesday, November 22, 2016 at 1:09:30 PM UTC-5, Sai Krishna wrote: > > Hello, > > I have dedicated puppet ca where I have generated certs in the name of > foreman url which I want to and copied > /etc/puppetlabs/puppet/ssl/certs/ca.pem , foreman.example.com.pem and > */private_keys/foremandv.example.com.pem and crl.pem. to host1.example.com. > " host1.example.com" using this node to install only foreman. RHEL 7.3 > and foreman 13.1 (latest) > > I have changed hostname (host1.example.com) in few fields using > interactive mode while running installer. > > Finally ended up with https errors as below. > > Proxy foremandv.examplecom cannot be registered: Unable to communicate > with the proxy: ERF12-2530 [ProxyAPI::ProxyException]: Unable to detect > features ([OpenSSL::SSL::SSLError]: hostname "host1.example.com" does not > match the server certificate) for proxy > https://host1.example.com:8443/features Please check the proxy is > configured and running on the host. > /usr/share/foreman-installer/modules/foreman/lib/puppet/provider/foreman_smartproxy/rest_v3.rb:23:in > > `create' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property/ensure.rb:16:in > `block in defaultvalues' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:487:in `set' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/property.rb:561:in > `sync' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:236:in > > `sync' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:134:in > > `sync_if_needed' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:80:in > > `perform_changes' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/resource_harness.rb:21:in > > `evaluate' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:230:in > `apply' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:246:in > `eval_resource' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in > `call' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in > `block (2 levels) in evaluate' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:386:in `block > in thinmark' > /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:385:in > `thinmark' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:163:in > `block in evaluate' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/graph/relationship_graph.rb:118:in > > `traverse' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction.rb:154:in > `evaluate' > /usr/share/gems/gems/kafo-0.9.8/modules/kafo_configure/lib/puppet/parser/functions/add_progress.rb:31:in > > `evaluate_with_trigger' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:222:in > `block in apply' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/log.rb:155:in > `with_destination' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/transaction/report.rb:142:in > > `as_logging_destination' > /usr/share/gems/gems/kafo-0.9.8/modules/kafo_configure/lib/kafo/puppet/report_wrapper.rb:34:in > > `method_missing' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/resource/catalog.rb:221:in > `apply' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:171:in > `block in apply_catalog' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:223:in `block > in benchmark' > /opt/puppetlabs/puppet/lib/ruby/2.1.0/benchmark.rb:294:in `realtime' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:222:in > `benchmark' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:170:in > `apply_catalog' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:343:in > `run_internal' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:221:in > `block in run' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in > `override' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:241:in `override' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/configurer.rb:195:in > `run' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:350:in > > `apply_catalog' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:274:in > > `block in main' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/context.rb:65:in > `override' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet.rb:241:in `override' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:225:in > > `main' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/apply.rb:170:in > > `run_command' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:in > `block in run' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:540:in > `exit_on_fail' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:344:in > `run' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:132:in > > `run' > /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:72:in > `execute' > /opt/puppetlabs/puppet/bin/puppet:5:in `<main>' > > /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[foremandv.examplecom]/ensure: > > change from absent to present failed: Proxy foremandv.example.com cannot > be registered: Unable to communicate with the proxy: ERF12-2530 > [ProxyAPI::ProxyException]: Unable to detect features > ([OpenSSL::SSL::SSLError]: hostname "host1.example.com" does not match > the server certificate) for proxy https://host1.example.com:8443/features > Please check the proxy is configured and running on the host. > Installing Done > [100%] > [..........................................................................................................] > Something went wrong! Check the log for ERROR-level output > * Foreman is running at https://foremandv.example.com > Initial credentials are admin / sZ3Twb79PDQoaL4G > * Foreman Proxy is running at https://foremandv.example.com:8443 > The full log is at /var/log/foreman-installer/foreman.log > > Can any one please advice the procedure for clustering 3 foreman servers. > > Thank you > Sai Krishna > > > > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
