Ok so I've managed to do it like this:
curl -kvs --cert /etc/puppetlabs/puppet/ssl/certs/foreman.test.com.pem --key /etc/puppetlabs/puppet/ssl/private_keys/foreman.test.com.pem --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem https://foreman.test.com:8443/dhcp * About to connect() to foreman.test.com port 8443 (#0) * Trying 192.168.10.77... * Connected to foreman.test.com (192.168.10.77) port 8443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * skipping SSL peer certificate verification * NSS: client certificate from file * subject: CN=foreman.test.com * start date: Aug 03 07:05:44 2017 GMT * expire date: Aug 03 07:05:44 2022 GMT * common name: foreman.test.com * issuer: CN=Puppet CA: foreman.test.com * SSL connection using TLS_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: * subject: CN=foreman.test.com * start date: Aug 03 07:05:44 2017 GMT * expire date: Aug 03 07:05:44 2022 GMT * common name: foreman.test.com * issuer: CN=Puppet CA: foreman.test.com > GET /dhcp HTTP/1.1 > User-Agent: curl/7.29.0 > Host: foreman.test.com:8443 > Accept: */* > < HTTP/1.1 200 OK < Content-Type: application/json < Content-Length: 104 < X-Content-Type-Options: nosniff < Server: < Date: Fri, 11 Aug 2017 12:52:01 GMT < Connection: Keep-Alive < * Connection #0 to host foreman.test.com left intact [{"network":"192.168.196.0.0","netmask":"255.255.255.0","options":{"range":["192.168.0.201","192.168.0.254"]}}] Dne pátek 11. srpna 2017 14:29:04 UTC+2 Michal Hagara napsal(a): > > > And as an addition to previous information: > > 'dhcp_isc' settings: 'config': /etc/dhcp/dhcpd.conf (default), 'key_name': > omapi_key, 'key_value':secret, 'leases': /var/lib/dhcpd/dhcpd.leases > (default), 'leases_file_observer': inotify_leases_file_observer, > 'omapi_port': 7911, 'server': 127.0.0.1, 'subnets': [], 'use_provider': > dhcp_isc > > > Dne pátek 11. srpna 2017 13:58:07 UTC+2 Michal Hagara napsal(a): >> >> >> *Modified setttings file:* >> >> :settings_directory: /etc/foreman-proxy/settings.d >> :ssl_ca_file: /etc/puppetlabs/puppet/ssl/ >> certs/ca.pem >> :ssl_certificate: /etc/puppetlabs/puppet/ssl/certs/foreman.test.com.pem >> :ssl_private_key: >> /etc/puppetlabs/puppet/ssl/private_keys/foreman.test.com.pem >> :enabled: true >> :trusted_hosts: >> - foreman.test.com >> :foreman_url: https://foreman.test.com >> :api_url: http://foreman.test.com:9191 >> :daemon: true >> :bind_host: '*' >> :https_port: 8443 >> :log_file: /var/log/foreman-proxy/proxy.log >> :log_level: DEBUG >> :log_buffer: 2000 >> :log_buffer_errors: 1000 >> >> >> >> >> *CURL returns nothing :*curl -vv http://foreman.test.com:9191/features >> (/dhcp the same result) >> * About to connect() to foreman.test.com port 9191 (#0) >> * Trying 192.168.10.77... >> * Connected to foreman.test.com <http://foreman.kajot.cz> >> (192.168.10.77) port 9191 (#0) >> > GET /features HTTP/1.1 >> > User-Agent: curl/7.29.0 >> > Host: foreman.test.com:9191 >> > Accept: */* >> >> >> >> *Here is relevant part of proxy.log after Smart proxy startup.* >> >> >> I, [2017-08-11T13:50:21.447593 ] INFO -- : Successfully initialized >> 'salt' >> I, [2017-08-11T13:50:21.447681 ] INFO -- : Successfully initialized >> 'foreman_proxy' >> I, [2017-08-11T13:50:21.447747 ] INFO -- : Successfully initialized >> 'tftp' >> D, [2017-08-11T13:50:21.462982 ] DEBUG -- : trying to find an ip address, >> we got {:from=>"192.168.0.201", :to=>"192.168.0.254"} >> D, [2017-08-11T13:50:21.463469 ] DEBUG -- : Added a subnet: 192.168.0.0 >> I, [2017-08-11T13:50:21.463857 ] INFO -- : Successfully initialized >> 'dhcp_isc' >> I, [2017-08-11T13:50:21.463984 ] INFO -- : Successfully initialized >> 'dhcp' >> I, [2017-08-11T13:50:21.464053 ] INFO -- : Successfully initialized >> 'puppetca' >> I, [2017-08-11T13:50:21.464225 ] INFO -- : Started puppet class cache >> initialization >> I, [2017-08-11T13:50:21.471090 ] INFO -- : Successfully initialized >> 'puppet_proxy_puppet_api' >> I, [2017-08-11T13:50:21.471505 ] INFO -- : Successfully initialized >> 'puppet' >> D, [2017-08-11T13:50:21.471596 ] DEBUG -- : Log buffer API initialized, >> available capacity: 2000/1000 >> I, [2017-08-11T13:50:21.471645 ] INFO -- : Successfully initialized >> 'logs' >> I, [2017-08-11T13:50:21.483375 ] INFO -- : WEBrick 1.3.1 >> I, [2017-08-11T13:50:21.483550 ] INFO -- : ruby 2.0.0 (2015-12-16) >> [x86_64-linux] >> D, [2017-08-11T13:50:21.483994 ] DEBUG -- : TCPServer.new(0.0.0.0, 8443) >> D, [2017-08-11T13:50:21.484414 ] DEBUG -- : TCPServer.new(::, 8443) >> W, [2017-08-11T13:50:21.484595 ] WARN -- : TCPServer Error: Address >> already in use - bind(2) >> >> >> But that doesn't change the fact, that for some reason I'm unable to >> access API. >> >> >> >> >> -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
