It's not enough to copy the file. You also need to update any references to RHNS-CA-CERT in /etc/sysconfig/up2date to instead use RHN-ORG-TRUSTED-SSL-CERT. When you kickstart a server this is all done automatically.
-- kevin > On Nov 12, 2014, at 2:19 PM, Daryl Rose <[email protected]> wrote: > > Okay. Then we're back to square one. > > As I said, I did in fact copy RHN-ORG-TRUSTED-SSL-CERT from my spacewalk > server to the client. Since the certificate is in fact /usr/share/rhn, https > should work. But it doesn't. So, there is still either a bug, or something > else is missing. > > With that said, where would I get the rpm? Is the rpm on the spacewalk > server as well? > > Thank you. > > Daryl > > >> On Wed, Nov 12, 2014 at 1:00 PM, Amedeo Salvati <[email protected]> wrote: >> Daryl, sorry but I haven't see your previus email, but the answer you get -> >> scp RHN-ORG-TRUSTED-SSL-CERT from spacewalk it's another solution! >> >> to better understand the file RHN-ORG-TRUSTED-SSL-CERT generated during >> installation it's the CA key that you have to put on path: >> >> /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT >> >> on the other hand, instead of scp above file, you can install rpm >> rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm that inside of it there are the >> same file RHN-ORG-TRUSTED-SSL-CERT, so you can choose, usually on bootstrap >> script to use rpm or to use text file -> I prefer to use rpm on rpm systems >> (rhel, centos, suse...), but repeat if you have copied that file using scp >> is the same result! >> >> best regards >> Amedeo Salvati >> >> Il 12/11/2014 18:14, Daryl Rose ha scritto: >>> Amedeo, >>> >>> This is not any any documentation that I can find. As a matter of fact, >>> when I first started working on this, I ran into an error about >>> RHN-ORG-TRUSTED-SSL-CERT. I posted a question to this list, and a person >>> replied back telling me that I needed to scp RHN-ORG-TRUSTED-SSL-CERT from >>> the SW server to the client. That resolved that particular error, but no >>> where have I found that I need to install an additional rpm. >>> >>> I will install it and test. >>> >>> Thank you. >>> >>> Daryl >>> >>> >>> >>>> On Wed, Nov 12, 2014 at 9:58 AM, Amedeo Salvati <[email protected]> wrote: >>>> Daryl this seem that you haven't imported your spacewalk ssl keys, usually >>>> under pub directory of your SW server you can find two files: >>>> >>>> RHN-ORG-TRUSTED-SSL-CERT >>>> rhn-org-trusted-ssl-cert-1.0-1.noarch.rpm >>>> >>>> install rpm on your spacewalk clients, and then your clients has this ssl >>>> key under: >>>> >>>> /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT >>>> >>>> and with this you can use https communications between spacewalk server >>>> and clients... -> with this is more safe if you have provision >>>> entitlements and want to execute on real time scripts (communication goes >>>> through http over ssl) >>>> >>>> Best Regards >>>> Amedeo Salvati >>>> >>>> >>>> Da: [email protected] >>>> A: [email protected] >>>> Cc: >>>> Data: Wed, 12 Nov 2014 09:33:43 -0600 >>>> Oggetto: [Spacewalk-list] I can now update CentOS >>>> >>>> > Previous questions were about the failure of updating CentOS from the >>>> > Spacewalk server. I was getting the following error: >>>> >>>> > local action status: ((6,), 'Fatal error in Python code occurred', {}) >>>> >>>> > I searched and searched and searched, posted questions and no one was >>>> > able to answer the question on what the error was, and how to resolve >>>> > it. >>>> >>>> > The only reply that I received on this board was that this was a bug >>>> > that had been fixed in RH Satellite Server, but apparently not in >>>> > Spacewalk. >>>> >>>> > Perhaps this is a known bug that was only fixed in RH Satellite and not >>>> > addressed in SW because I found other postings with the exact same >>>> > issue. These postings go back for over a year, so I know this has been >>>> > an issue for sometime. Almost all of these posts have the same replies: >>>> > execute a yum clean all, update yum, etc... I did all of that as well >>>> > as did the others in who have the same issue. Stop/start the satellite >>>> > server etc.... >>>> >>>> > Finally, I found a posting by a guy who jumped through all of the hoops, >>>> > as had I, but finally found out that removing the "s" from the >>>> > https://<sp-walk server> in /usr/sysconfig/rhn/up2date resolved the >>>> > issue. >>>> >>>> > I successfully updated my CentOS 6.5 server. >>>> >>>> > Thank you >>>> >>>> > Daryl >>>> >>>> >>>> _______________________________________________ >>>> Spacewalk-list mailing list >>>> [email protected] >>>> https://www.redhat.com/mailman/listinfo/spacewalk-list >>> >>> >>> >>> _______________________________________________ >>> Spacewalk-list mailing list >>> [email protected] >>> https://www.redhat.com/mailman/listinfo/spacewalk-list >> >> >> _______________________________________________ >> Spacewalk-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/spacewalk-list > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
