In this case the entitlement certs themselves aren't expired from a date perspective, they just no longer work connecting to Red Hat. It's more like they've been revoked because the server they are on got new entitlement certs which is happening automatically, I just have not figured out how to prevent that. I've tried turning of rhsmcertd, disabled subscription management, and combinations in between.
On Wed, May 27, 2020 at 2:23 PM Brian Bouterse <[email protected]> wrote: > If the certs are short-lived, then there isn't much to do except ask the > issuer to give you longer ones. You could inspect the certs more closely I > believe using the `rct cat-crt` command. Pulp-certguard has some docs > showing an example with that tool > https://pulp-certguard.readthedocs.io/en/latest/debugging.html#checking-authorized-urls-in-rhsm-certificates > > On Wed, May 27, 2020 at 11:20 AM Myers, Mike <[email protected]> wrote: > >> We’ve faced that too. I’ve love some deeper insight, but what I’ve found >> so far is that “rhsmcertd” process does some sort of check/update on those >> certs. We’ve just set a process to pull those from /etc/pki/entitlement >> into Pulp when such a failure occurs. It would be nice if there were a >> Pulp native way to address this (short of running the whole Satellite suite) >> >> >> >> Cheers, >> >> *Mike Myers* >> >> >> >> *From: *<[email protected]> on behalf of Gravel Bone < >> [email protected]> >> *Date: *Wednesday, May 27, 2020 at 5:48 AM >> *To: *"[email protected]" <[email protected]> >> *Subject: *<External>[Pulp-list] Syncing Red hat Repos entitlement issue >> >> >> >> This is probably something straight forward, but my searches have found >> nothing... >> >> >> >> I pull an entitlement files from our server (well three for three >> different subscriptions) and create repos using them to sync the >> corresponding Red Hat repository. The problem is, the entitlements seem >> to expire about every month. I'm sure it's something I'm missing that >> stupid obvious, but google has not been my friend nor has the >> documentation...help would be appreciated... >> _______________________________________________ >> Pulp-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/pulp-list > >
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
