Avi, Here are the steps for registering SLES from the Spacewalk documentation:
https://fedorahosted.org/spacewalk/wiki/RegisteringClients#SUSE However, the steps are not completely accurate for SLES 11 SP3. A few changes need to be made. 1. Changes to the spacewalk-tools URL. zypper ar -f http://download.opensuse.org/repositories/systemsmanagement:/spacewalk:/2.3/SLE_11_SP3/ spacewalk-tools 2. Step two applies to SLES 12, not to SLES 11. (I learned about that from this forum). These are the modified steps: a. wget http://corp-spwalk-prod01.dtn.com/pub/RHN-ORG-TRUSTED-SSL-CERT -O /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT b. cp /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT /etc/ssl/certs/RHN-ORG-TRUSTED-SSL-CERT.pem c. c_rehash /etc/ssl/certs/ After running the c_rehash, I get the following: lrwxrwxrwx 1 root root 28 Sep 9 08:05 dcfb5746.0 -> RHN-ORG-TRUSTED-SSL-CERT.pem I'm assuming that this is what I should see. These are the same steps that I used in my testing. Is there something wrong with the cert? Thanks Daryl ________________________________________ From: [email protected] <[email protected]> on behalf of Avi Miller <[email protected]> Sent: Tuesday, September 8, 2015 3:39 PM To: [email protected] Subject: Re: [Spacewalk-list] How to use a signed certificate? Hey Daryl, > On 9 Sep 2015, at 6:06 am, Daryl Rose <[email protected]> wrote: > > I decided to move my SW environment into production, so I stood up a brand > new SW server and redid the signed certificate according to your > documentation. Everything works fine with the RHEL servers that I've > attached, but I'm having certificate issues with SLES. I don't think we ever tested this with SLES/OpenSUSE as that's not covered under standard Oracle support. I've not even looked into how you register a SLES system to Spacewalk, so I can't comment on how that process would need to be updated for a 3rd-party certificate. However, this seems like a verification issue, so I would double-check that you're using the correct CA certificate (RHN-ORG-TRUSTED-SSL-CERT) and that it has the entire CA chain contained. Otherwise, the client would not be able to verify the certificate provided by the server. Can you point me towards the appropriate documentation that outlines the SLES registration process to Spacewalk so I can review? Thanks, Avi -- Oracle <http://www.oracle.com> Avi Miller | Product Management Director | +61 (3) 8616 3496 Oracle Linux and Virtualization 417 St Kilda Road, Melbourne, Victoria 3004 Australia _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
