Hello everyone,
I have installed openscap plugin for existing foreman 1.15 and trying to get the compliance report for a server, facing few issues during this process. Having trouble assigning policy to host, its not loading to select the existing policy. So I have tried from command line by running /usr/bin/foreman_scap_client 1 below is the confi file /etc/foreman_scap_client/config.yaml # DO NOT EDIT THIS FILE MANUALLY # IT IS MANAGED BY PUPPET # Foreman proxy to which reports should be uploaded :server: 'foremanproxy.example.com' :port: 8443 ## SSL specific options ## # Client CA file. # It could be Puppet CA certificate (e.g., '/var/lib/puppet/ssl/certs/ca.pem') # Or (recommended for client reporting to Katello) subscription manager CA file, (e.g., '/etc/rhsm/ca/katello-server-ca.pem') :ca_file: '/etc/puppetlabs/puppet/ssl/certs/ca.pem' # Client host certificate. # It could be Puppet agent host certificate (e.g., '/var/lib/puppet/ssl/certs/myhost.example.com.pem') # Or (recommended for client reporting to Katello) consumer certificate (e.g., '/etc/pki/consumer/cert.pem') :host_certificate: '/etc/puppetlabs/puppet/ssl/certs/localhost.example.com.pem' # Client private key # It could be Puppet agent private key (e.g., '/var/lib/puppet/ssl/private_keys/myhost.example.com.pem') # Or (recommended for client reporting to Katello) consumer private key (e.g., '/etc/pki/consumer/key.pem') :host_private_key: '/etc/puppetlabs/puppet/ssl/private_keys/localhost.example.com.pem' # policy (key is id as in Foreman) 1: :profile: '' :content_path: '/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml' # Download path # A path to download SCAP content from proxy :download_path: '/compliance/policies/1/content' :tailoring_path: '' :tailoring_download_path: '' root localhost [~] # /usr/bin/foreman_scap_client 1 DEBUG: running: oscap xccdf eval --results-arf /tmp/d20170615-1073-zzt674/results.xml /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml WARNING: Skipping http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml file which is referenced from XCCDF content DEBUG: running: /usr/bin/bzip2 /tmp/d20170615-1073-zzt674/results.xml Uploading results to https://foreman.example.com:8443/compliance/arf/1 At https://foreman.example.com:8443/compliance/arf/1 it through a message as " No client SSL certificate supplied " Below are logs from foreman-proxy server /var/log/foreman-proxy/proxy.log https://pastebin.com/uFLAZffP Can anyone please help me with this. Thank you Sai Krishna -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
