Hi I am having the exact same issue, have you found a solution yet?
On Thursday, 15 June 2017 17:29:01 UTC+2, Sai Krishna wrote: > > > Hello everyone, > > > I have installed openscap plugin for existing foreman 1.15 and trying to > get the compliance report for a server, facing few issues during this > process. > > Having trouble assigning policy to host, its not loading to select the > existing policy. > > So I have tried from command line by running /usr/bin/foreman_scap_client 1 > > below is the confi file /etc/foreman_scap_client/config.yaml > > # DO NOT EDIT THIS FILE MANUALLY > # IT IS MANAGED BY PUPPET > > # Foreman proxy to which reports should be uploaded > :server: 'foremanproxy.example.com' > :port: 8443 > > ## SSL specific options ## > # Client CA file. > # It could be Puppet CA certificate (e.g., > '/var/lib/puppet/ssl/certs/ca.pem') > # Or (recommended for client reporting to Katello) subscription manager CA > file, (e.g., '/etc/rhsm/ca/katello-server-ca.pem') > :ca_file: '/etc/puppetlabs/puppet/ssl/certs/ca.pem' > # Client host certificate. > # It could be Puppet agent host certificate (e.g., > '/var/lib/puppet/ssl/certs/myhost.example.com.pem') > # Or (recommended for client reporting to Katello) consumer certificate > (e.g., '/etc/pki/consumer/cert.pem') > :host_certificate: > '/etc/puppetlabs/puppet/ssl/certs/localhost.example.com.pem' > # Client private key > # It could be Puppet agent private key (e.g., > '/var/lib/puppet/ssl/private_keys/myhost.example.com.pem') > # Or (recommended for client reporting to Katello) consumer private key > (e.g., '/etc/pki/consumer/key.pem') > :host_private_key: > '/etc/puppetlabs/puppet/ssl/private_keys/localhost.example.com.pem' > # policy (key is id as in Foreman) > > 1: > :profile: '' > :content_path: '/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml' > # Download path > # A path to download SCAP content from proxy > :download_path: '/compliance/policies/1/content' > :tailoring_path: '' > :tailoring_download_path: '' > > > root localhost [~] # /usr/bin/foreman_scap_client 1 > DEBUG: running: oscap xccdf eval --results-arf > /tmp/d20170615-1073-zzt674/results.xml > /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml > WARNING: Skipping > http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml > file which is referenced from XCCDF content > DEBUG: running: /usr/bin/bzip2 /tmp/d20170615-1073-zzt674/results.xml > Uploading results to https://foreman.example.com:8443/compliance/arf/1 > > > > At https://foreman.example.com:8443/compliance/arf/1 it through a > message as " No client SSL certificate supplied " > > > > Below are logs from foreman-proxy server > /var/log/foreman-proxy/proxy.log > > > https://pastebin.com/uFLAZffP > > > Can anyone please help me with this. > > Thank you > Sai Krishna > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
