Systems -> kickstart -> GPG & SSL Keys . There should be one called RHN-ORG-TRUSTED-SSL-CERT or similar. The text that's in that entire thing should be put in a file and specified as the file in the --sslCACert=/path/to/file.crt argument
On Thu, Mar 8, 2012 at 8:04 AM, Andy Ingham <[email protected]> wrote: > Sabuj -- > > Thanks for the info, but what I think I'm struggling with is exactly WHICH > cert and key files, FROM where, concatenated in WHAT WAY and ultimately > saved in WHICH directory (and on which host). > > > As someone mentioned on the list previously, the info specific to SSL > files for spacewalk is thin and with numerous files involved (and spread > across both sw server and sw clients), I am far from confident that I've > got what I'm supposed to have where I'm supposed to have it. > > Is there (client) setup documentation somewhere that I'm missing? > > Again, many thanks! > > Andy > > > On 3/7/12 4:27 PM, "Sabuj Pattanayek" <[email protected]> wrote: > >> An error has occurred: >> up2date_client.up2dateErrors.SSLCertificateVerifyFailedError >> See /var/log/up2date for more information > > In my kickstart scripts the SSL cert from the server gets put into > this file and it does this : > > cat > /tmp/ssl-key-1 <<'EOF' > # HUGE SSL KEY HERE # > . > . > . > cat /tmp/ssl-key-* > /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT > perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i > /etc/sysconfig/rhn/* > . > . > rhnreg_ks --force --serverUrl=<yourServer>/XMLRPC > --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT > --activationkey=<your activation key> > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list > > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
