All our servers are in sync with each other. The good news is, I kept hacking around and got it working. The solution was ridiculously simple:
1) cd /root/ssl-build 2) cp server.crt /etc/pki/tls/certs 3) cp server.key /etc/pki/tls/private 4) service httpd reload 5) profit So now I am able to register clients over https and have their communications working properly. Is there a document that shows how to use a purchased certificate (or in our case, our own CA) to properly create the httpd and jabber certs as well as setting up the CA cert on the clients? Thanks! Greg On 2011-07-29 11:51 AM, "Jan Pazdziora" <[email protected]> wrote: >On Thu, Jul 28, 2011 at 05:17:31PM -0400, Wojtak, Greg wrote: >> I started playing around with provisioning today and got to the point >> where I can get a system kickstarted, but it is not showing up in >> spacewalk afterwards as a registered system. Looking through the >> kickstart, I finally tracked it down to an SSL issue when running >> rhnreg_ks: >> >> [root@localhost rhn]# rhnreg_ks --serverUrl=https://spacewalk/XMLRPC >> <https://ql2spacewalk1/XMLRPC> >> --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT >> --activationkey=1-eab559ea4aaccb6911f1f0bf8e1ff973,1-centos-6-x86_64 >> An error has occurred: >> <class 'up2date_client.up2dateErrors.SSLCertificateVerifyFailedError'> >> See /var/log/up2date for more information >> >> This hasn't been in issue in the past because when we register systems >> manually, we've always done so with http (no SSL). I was running apache >> httpd with an SSL cert generated from our internal PKI infrastructure, >>so >> I replaced that with the cert created by the spacewalk installer. I >>still >> get the same error. > >Is the time on the client and on the server in sync? > >-- >Jan Pazdziora >Principal Software Engineer, Satellite Engineering, Red Hat > >_______________________________________________ >Spacewalk-list mailing list >[email protected] >https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
